"So, IE8 was being rolled out in Beta (and released on Thursday) and they didn't include the ASLR/DEP until the day after? I mean I do believe it, I'm just not smart enough to figure out why the security gets added on D-Day plus 1."
It wasn't that ASLR/DEP wasn't turned on - it was that the specific exploit wasn't fixed until the RTM version. Read the blog post for more on that. And it's worth remebering that it was a BETA version of IE8 - an incomplete version. The RTM version of IE8 had this fix from when it was released.
"A Microcrap product with security vulnerabilities? Wow. That's first."
Actually, this article is about how IE8 RTM is currently thought to be one of the most secure browsers available. It's worth remebering that the only browser that wasn't exploited is Chrome - yes, that means that even the mighty Firefox fell. So, what you should have said was "Microcrap, Bugzilla and Crapple products with security vulnerabilities? Wow. That's first."
- +Analysis Microsoft: We're making ONE TRUE WINDOWS to rule us all
- Climate: 'An excuse for tax hikes', scientists 'don't know what they're talking about'
- Analysis Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
- Apple: We'll unleash OS X Yosemite beta on the MASSES July 24
- Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network