Many installers require NTVDM to be enabled to run, especially older InstallShield ones.
Disabling it isn't as problem-free as they make out :)
A security researcher at Google is recommending computer users make several configuration changes to protect themselves against a previously unknown vulnerability that allows untrusted users to take complete control of systems running most versions of Microsoft Windows. The vulnerability resides in a feature known as the …
...which presumably are immune from this bug :)
Having said that, Mandriva Updater finds security updates for various bits of my Mandriva 2010 box several times a week. So although there are hardly any viruses in the wild that exploit Linux systems (probably due to a combination of relatively low usage and a better security subsystem), evidently developers are continually finding (and fixing) security holes in the various components.
Then again, the updates are usually very small in size, and are delivered as/when available, rather than several MB in size, collated together, then released once a month. And it's entirely up to you to initiate the downloads, unlike Windoze which downloads by default, unless you specifically ask it not to. Oh yes, then there's the joy of rebooting whenever any major update is installed :)
I have to use Windoze at work, but at home, give me the penguin any day :)
Shall we talk about SSH and BIND exploits? No OS is immune to bugs. Sure, some are better than others, but none is -immune-.
If you don't use Windows, then you've got nothing to worry about, then. So go away and play with your penguin, and let us discuss something that affects the rest of us.
FWIW, I use Linux at home, and about 1/3 of our server fleet is Linux too. But sticking your head above the parapet to say "Blah blah blah Linux is best blah blah", when the topic is Windows, is bloody tedious in the extreme.
I use Windows, Unix and Linux at work and Windows and Linux at home, I hadn't kept up with updating my AA1/Fedora 12 laptop, after about four weeks it had more than 300 packages to be updated. It took more than four hours to crunch through them.
When I was a sysadmin, I didn't want to have to drop what I was doing to check out an update to a system, unless I _really had to_. Larger less frequent updates are better, you only have to do one set of testing whereas with lots of little updates you have to test each one individually.
But this is a kernel exploit, not 3rd party software. Yes there have been exploits in ssh and bind, but they've been fixed asap by the OSS community, and not dumped at the back of a very long queue by a corporate entity who at first denies the problem exists, then denies it's being exploited, then after 6-12 months finally gets around to patching it, but then leaves it until the next patch day, rather than pushing the patch out asap.
But anyway, you're clearly an MS fanboi, so there's no point using logic in an argument with you.
So you never need to reboot Linux - oh yes you do (mostly when it's a desktop I'll concede). I use Debian, Windows and BSD and they all have their ifs and buts.
MS tries to be all things to all men with backward compatibility - must be a nightmare for a code maintainer. Afterall you could buy OSX which regularly drops support for your applications, forcing you to buy a massively inflated (in cost and bloat), newer version when it changes face. At the end of the day annoyance should be aimed at the cracking exploiters of these holes not at the companies and people trying to patch all the time.
"Afterall [sic] you could buy OSX which regularly drops support for your applications, forcing you to buy a massively inflated (in cost and bloat), newer version when it changes face."
Not at all. Last upgrade was £25. Previous to that it was about £80. How much was a Windows upgrade? RRP of £99.99 for Home "Premium", whatever that is. Since there is only one SKU of OSX, a fair comparison would arguably be with the fully featured "Ultimate" edition at an RRP of £199.99! (source for both: microsoft.com) Not that one is *forced* into upgrading at all. My Mum still uses Leopard on her Mini and my brother still uses Tiger on his 2004 iMac, both without problem. Admittedly some developers stop supporting previous versions, but that's up to them. When you get a new Mac OS, that is *all* you get. No 'bloat' at all. You are obviously referring to the iLife suite that comes with a new Apple computer. It's easily "uninstalled", just drag the apps to the trash and then empty! Done! Upgrades haven't regularly broken other apps either, well certainly less than Vista did when it was released and nothing that *greedy* software companies couldn't counter by releasing a patch. The extent was over-exaggerated. Interestingly enough small independent developers had no problem supporting the transition from 10.5 to 10.6, it was the greedy SOB's like Adobe that had "issues". In fact the CS3 range works fine, at least as well as it did before. Microsoft Office, perhaps ironically, had no problems at all!
At the end of the day blatant fanboys shouldn't use FUD and throw-up pointless, ill-informed and irrational arguments to try and deflect from the fact that their preferred OS has had a security flaw for 17 years.
The last update was indeed £25, the previous update was _and still is_ £85. As a PPC 10.4.11 customer who needs to upgrade, due to a critical app no longer working, if I want to take that £25 update I have to spend somewhere in the region of £1k to replace my current hardware or spend well over the odds upgrading to an old version of the OS. I have yet to hear of any other company who treats its customers with such contempt. Yes, drop support for old hardware, but don't keep the prices of updates to old OSes more than three times the price of the current OS.
Anyway, as it turns out, the solution was to install Fedora 12 for PPC. I very much doubt I'll be buying Apple again.
So spend the extra £60!!! The hardware change was announced in 2005, and completed Q1 2006. Snow Leopard was released Q3 2009, 3 and a half years later. Apple made it *very* clear that they were not going to support PPC forever. They often rightly get criticised for not being transparent, but with the switch over they were nothing but! In fact this switch over was less painful than the 68K to PPC switch over which seemed to happen overnight! You had ample time to prepare. That doesn't necessarily mean that you had to buy a new Mac. It means you had 3.5 years to at least look at alternatives, which you obviously have. I guess the fact that you switched to Linux means you were talking shit about your supposed 'critical' app (ODFO!) when clearly cheaper or free alternatives were available! No-one puts a gun to your head and says "use OSX" or "Use Windows!". £85 is _still_ cheaper than the cost of an upgrade to Windows 7 Home Premium! Why should you be 'rewarded' for NOT upgrading to begin with?!
Ok: Critical app is Mythtv Frontend, which as of 0.2.2-2 no longer works on 10.4.11, but does in 10.5.? or PPC linux. So no, I wasn't talking shit.
I will state again: I am not aware of any other company that charges more for older versions of software than new. This is my beef, not that the machine is getting old, but that apple expect me to pay more than three times the cost of the current version of the OS for an older version.
@Keith - you are correct but that still means you have to reboot the OS. I was not inferring Linux required as many reboots as Windows - of course not.
@AC and Fraser Please re-read my post:
"Afterall you could buy OSX which regularly drops support for your APPLICATIONS, forcing you to buy a massively inflated (in cost and bloat), newer version when it changes face."
I was not referring to the OS but the applications such as Photoshop CS4 which due to the Cocoa / Carbon fiasco still doesn't work on Snow Leopard unless things have changed. I am no expert but taking the processor architecture aside we had to buy quite a bit of new software for the later versions of OSX.
Personally I'm not too enamoured with any of the current OSs in desktop form. I wish Europe would get together look at the flaws in Linux / Unix and write a better OS than both of those because I think it is possible - any takers?
"As a PPC 10.4.11 customer who needs to upgrade, due to a critical app no longer working.."
Stop complaining, you have it easy, Apple dropped support for my stone circle without warning me. The fricken' thing is HUGE, it was really expensive to install. I should have been given a longer grace period, giving me time to upgrade.
Now I can no longer run the newest versions of Final Cut- just because *THEY* sold us out to the PEECEE nazi vampire liberals with their capitalist running whelk "x86" so-called "processors"!
Pot calling the kettle black. I am no MS fanboy just making the point that a being a macality can cost you dearly. Anyway Apple's work was mostly done for them (as in brilliance, security and stability) by the BSD crew so I'm not sure what mactards always crow about I guess in IT knowledge terms they are still on Peter and Jane books ;-)
OpenBSD - been serving from Apache for the longest time, currently
1:00PM up 542 days, 37 mins, 2 users, load averages: 0.10, 0.15, 0.16
I had to reboot it 542 days ago because I pulled the power cord by accident
btw. privilege escalation is a design error, an all powerful Root / Administrator is not *required* in an OS. Archaic OSes will continue to be archaic. so Lunix / Windows FAIL
Why is it that security researchers and hackers can find hundreds of holes, flaws and exploits in MS software, yet the developers themselves and the security officials at MS always appear to be unaware of any flaws or attacks exploiting them?
Tavis' report only hit full disclosure at around 7pm UK time, and as his report contains a link to "Possibly naive example code for triggering this condition". So I would imagine that Microsoft security officials will be aware of attacks targeting the flaw soon enough.
Tavis informed MS on the 12-Jun-2009 about this flaw, so MS security officials have had over 6 months to look into and mitigate this risk. Please don't go providing excuses for their tardiness in this matter by stating they have the "potent Internet Explorer bug" to work on.
If MS can afford the best lawyers to protect their patents from infringement and themselves from litigation they can afford to hire a greater number of security researchers and fully test their abominations before foisting them on the market place for beta testing.
...they have a finite number of people working on the code and testing, whereas millions around the world get their hands on the product. It's the same reason that books and magazines go to print with typos, some electronic products have to be warranty repaired, etc etc. But because it's computer software, and Microsoft in particular, all hell breaks loose.
"But because it's computer software, and Microsoft in particular, all hell breaks loose"
Well, it's because MS people at high levels keep making motherhood statements about security and top priority in the same sentence, and then go on about a quality assurance program, ad nauseam, followed by this kind of tardiness when the rubber hits the road, that the computing community becomes thoroughly jaded.
They NEVER spend enough on quality, but they sure as hell spend heaps on lawyers, and after-market support.
How come they can't grasp the financial impact of quality from the ground up? Corporate culture.
And that's why all hell breaks loose whenever these revelations are leaked.
An anecdote. A rich man was once driving his Rolls-Royce through rural France when he hit an enormous pot-hole and horrible noises started coming from the car. At the next village garage, the mechanic diagnosed a failed rear axle and contacted Rolls-Royce. Their response was that they would be flying out a mechanic with the necessary spare parts and the car should be fixed by mid-day next.
When the man returned from his travels, he did not receive an invoice. After some time, being an honest man, he contacted Rolls-Royce about the missing bill. Their reply was short.
"We have no record of the rear axle of a Rolls-Royce Silver Shadow ever having failed."
I suspect that Microsoft likewise prefers not to know of any un-fixed security-critical issues in their systems.
"Why is it that security researchers and hackers can find hundreds of holes, flaws and exploits in MS software, yet the developers themselves and the security officials at MS always appear to be unaware of any flaws or attacks exploiting them?"
I think it's BECAUSE it's closed source. I think Microsoft has used automated vulnerability scanners to find the obvious holes, but they are not going to be going over and over existing code to look for vulnerabilities, not as much as popular open source projects (for instance the Linux kernel.)
The early dosemu vm86 support in Linux ALSO had security holes. One apparently involved using DPMI (DOS Protected Mode Interface), which 32-bit DOS apps used (and NTVDM also supports), going into DPMI mode and then dicking around with the memory management tables, you could (sound familiar?) map kernel memory space and read or modify the kernel. The first Linux kernels came out in late 1993, and they fixed this in early 2.1 series in 1996. So, about 14 years earlier.
Nope, it's 'cos software these days is developed by committees and marketers, not by developers! Developers write code, they make stuff happen, the marketers decide if software product X does ABC and how it does ABC and when. They decide if a small portion of time can be spared to allow the testers and developers to check the code, Q&A is an afterthought because time is money for companies like MS and Apple. Apple has it slightly easier, they only have one fixed O/S and a limited hardware platform so they have less bugs, but even that fixed kit still has major problems.
The way software is now, money, money, money. Even in OSS, to a lesser extent, but OSS still needs funding and to get that they still have to deliver the base O/S products by the date they said they would, else the funding may be cut.
Sad but true.
"Developers don't control their software anymore" .....The Fuzzy Wotnot Posted Wednesday 20th January 2010 06:04 GMT
The Fuzzy wotnot,
QuITe Obviously Some, and if they are into Network InterNetworking that may be More than just a Few, are able to Control IT, Developers Software, Remotely, with Escalating Elevated Privileges Enabling Rogue Phantom Pirate TakeOver of Kernel Properties with Revisioned Intellectual Protocols Enabling SMART Access to Programs/Projects.
Now whether you See/C that as a Malignant Cancer for yourself or a Benign Cure for Systems in the Community, would depend entirely upon what you would be Actively Currently Engaged in Protecting and Promoting/Pimping and Pumping.
And quite Who and/or What would be Some and/or More than just a Few, is a Key Riddle, wrapped in a Magical Mystery, inside an Enigmatic Colossus and ITs Turing Virtual Machinery CodeXSSXXXX? And Shared as a Question because who Knows, whenever the Unknown is not Known and whenever the What We may Learn and would then Know about the Whomever Today, Changes the Questions for Tomorrow.
And it is Naive to Not Imagine that All Systems and Browsers in Operation are similarly Vulnerable IntelAIgent Proxies.
I've loads of old SW I can't replace that is either DOS or Win16.
Some cases there is no replacement.
Others I can't afford an upgrade. My Win16 Adobe Première Video Editing still works on XP.
For really DOS apps, there's DOSbox, http://www.dosbox.com/ ARM and X86 versions, so there should be an x64 version too. No idea what security issues though. Since DosBox is an Emulated system and doesn't switch CPU to real mode, it should work on WOW64 on x64 Windows.
Windows 0.73 Win32 installer
Gentoo Linux 0.73 portage
Source 0.73 Source
Mac OS X 0.73 dmg (Universal)
Solaris 10 - sparc 0.73 pkg
FreeBSD package 0.72 TBZ
Fedora Core 0.72 rpm
OS/2 0.72 exe (OS2)
BeOS 0.63 binary (x86)
Risc OS 0.63 zip
TBH for regular users I can't see the point of x64. It uses more RAM always, to do the same thing and runs 32bit software slower. Unless you are running 8GByte RAM weather Simulator or a stupidly written game why would a single app need more than 512M, never mind more than 2G (the normal win32 limit per app, though 3G is possible).
The point of x64 is that a single process (or application) can utilize more than 2Gbytes of virtual address space. In certain types of application it is possible that >2Gb of VA space can be mapped onto less than 1Gb of physical RAM without the system paging itself into catatonia. So it can occasionally make sense to run x64 on a system with 1Gb RAM, and it almost always makes sense if the system has 4Gb.
Another reason is if you are developing 64-bit applications on a smaller box. They don't ever allocate >2Gb in your development environment, but let them onto the big iron with a heavier load or model, and they will then.
A third reason is if you run VMware player and *ever* want to boot a 64-bit guest O/S. Incidentally, VMware itself takes advantage of certain VM support available only in x64 mode, and allegedly runs faster on x64. (I've not tested this assertion).
4Gb systems are only one step up from the sensible default these days, and are probably set to become standard pretty soon.
... if it was from code written 17 days ago, I'd be more worried, frankly. The headline seems to imply we should be greatly surprised that the bug has existed this long. I doubt very much if there is incentive to go back and security-check 17 year old code. I'd prefer they devote time to audit any new code written.
Where's the mountain out of a molehill icon? I'll just go with beer. I like beer.
I think this supports the old descriptions of Windows as 32 bit extension to a 16 bit kludge, that used to sit on an 8 bit OS, and as much as anything demonstrates the need for MS to quit dicking around and start designing their products, rather than allowing them to evolve as a near biological entity. When was the last time the huge mound of legacy code recycled into currently supported products was actually audited in the context of where it is being used in XP/Vista/7 rather than where it was originally deployed ?
Instead of pushing out the next version of code and having it stated by marketing folks that it's "new from the ground up", as has been the case with Vista and 7, how about it being literally true next time eh ? Designed on solid engineering practices, rather than recycling the same mistakes that have blighted the product line's history. The marketing dweebs may even have something to base their attack pieces on other than FUD. Right now though, I strongly suspect that most will be happy if they simply fix the problem immediately at hand.
@Trixr - strongly agree.
"I think this supports the old descriptions of Windows as 32 bit extension to a 16 bit kludge, that used to sit on an 8 bit OS, and as much as anything demonstrates the need for MS to quit dicking around and start designing their products"
Yes, Microsoft should definitely abandon their DOS-evolved systems and rewrite the kernel from scratch, possibly using some of those clever VMS guys.
Oh wait, they did.
1995 called. They want their anti-Microsoft rant back.
Windows NT is a separate codebase, entirely written from scratch, it was even initially written on non i386 machines in order to make sure that no old machine code could be included (mainly to ensure portability). The 16 Bit support is included into Windows by means of a separate execution subsystem, known as wowexec. This old cack about Windows being built on the old 16Bit DOS/Windows code comes from people not understanding the difference between Windows NT and the DOS/Windows 3.1->Me OSes. They are totally different.
It should also be noted that UNIX, Mac OS, Linux and any OS you care to mention has a large amount of legacy code. Hell, even zOS still uses HASP to print - the Houston Automated Spooling Program, developed by NASA for the moon landings. Old code is not by definition bad code, often it is of much higher quality than new code.
what NTVDM and WOWEXEC are? Judging by your (it's all 16-bit underneath) rant I'm guessing you haven't got a clue.
They provide the backwards compatibility BECAUSE it isn't 16-bit underneath (unlike Win95, ME etc). They effectively provide a virtual machine to run DOS apps in, a sort of virtual DOS machine, running on NT, an NT virtual dos machine, NTVDM - geddit.
FYI the WOW is Windows (16) on Windows (32), which add the graphical layer (like win95 did to Dos).
Yet again Microsoft pwns itself by continuing to support manky old apps. 16 bit apps no less. "because businesses need them"
Cry me a river. Christ why don't we all just go back to 8 bit while we're at it?
If you want to run 16bit apps get your ass back to Windows 95 and let the rest of us concentrate on running code that was written this century.
Most IT professionals rely on them to subvert the restrictions visited on them by their IT centres. Please don't disable them, or we'll have to find new ones.
Everyone likes to point the finger at the people in Window Division and call them out (as if any of us think that 50 layers of dependencies and multiple circular dependencies would be a doddle to fix) but the real reason most of the IT industry isn't actively clamouring for Linux workstations, is that it would become possible for any spotty sys admin in some distant call centre to lock down our machines and prevent us getting anything done. If you've become really quite good at fixing leaky, dangerous, unreliable machinery, with dodgy electrics, you might secretly buy Japanese, yourself, but you'll still tell everyone else to keep "buying British", won't you?
...and a big grain of truth in it.
I'm just happy that I have root on my own work desktop, and our IT guys aren't arses. Most of them are tolerable people that you could stand being in a room with, and in general, they do a great job. Even the people who look after the Windows users are friendly and nearly sane. Result, I feel :)
(Sorry, that was a bit smug, wasn't it? Daniel 1 was pretty on the money though, in the general case)
"Regrettably, no official patch is currently available," he wrote. "As an effective and easy to deploy workaround is available, I have concluded that it is in the best interest of users to go ahead with the publication of this document without an official patch."
Has anyone told MS? It is not uncommon for an IT issue where I work to be raised through senior management, rather than through the helpdesk, by frustrated staff whose systems don't work. When asked why we haven't yet fixed the issue we have to explain that we can't fix problems that we don't know about.
To balance things up a little, I see that Google has just added free Avast AntiVirus to their Google recommended software Pack. Last week MS beta AV software spotted a threat on my PC that Avast has missed for the last two years. Can anyone see Google suggesting people use MS free antivirus even if it is better than other free products?
"Has anyone told MS?"
However, the very article itself contains the line:
"He (Ormandy) said he informed Microsoft security employees of the vulnerability in June."
Now, admittedly, reading all the way down to the third from last paragraph of a story before hitting "comment" is a bit much, for some commenters to The Register - but unless you meant "has anyone told Marks & Spencers?", then the answer to your question appears to be enclosed in the original text, and appears to be a "yes".
The Windows apologists, ever ready on the trigger to abuse users of other OS's, really don't like people giving them a few home truths, do they? Heaven forfend they admit the shortcomings of their system of choice or the rambling, inept dinosaur that produces it. Wahh, SSH has a bug too, waahhh.
Keep it up, Penguin people!
. . . who are intent on continually stating that "this shows Linux/OS of choice is better", "shoddy Windows" and so on.
It's taken 17 years for this vulnerability to be found.
Doesn't it strike you that, if the vuln's being pointed out are in 17 year old code, that the *new* code is maybe not so bad ?
"Doesn't it strike you that, if the vuln's being pointed out are in 17 year old code, that the *new* code is maybe not so bad ?"
Not really. Vulns are found in their new code every other day so it seems.
The two things that do strike me though are that MS doesn't seem to have learnt much about secure coding in the last 17 years and what is a 17 year old bit of code that is used by 16bit DOS applications still doing in Windows 7!?
"Doesn't it strike you that, if the vuln's being pointed out are in 17 year old code, that the *new* code is maybe not so bad ?"
Why would that follow? The Windows NT codebase is tiny compared to Win7 yet they still didn't find this bug (and hadn't after 17 years - what does that tell you about their testing). What makes you think they'll find serious bugs in a codebase 10 times the size?
"It's taken 17 years for this vulnerability to be found."
You forgot the punchline - "... by someone who wanted Microsoft to fix it. Which they still haven't done after, oh, like half a year. But what's half a year compared to 17 years really?"
"Doesn't it strike you that, if the vuln's being pointed out are in 17 year old code, that the *new* code is maybe not so bad ?"
That's the best laugh I've had all week!
More likely people were too busy pointing out or exploiting the many, many, many flaws in the newer code to notice a gaping hole in some mostly pointless prehistoric subsystem.
Betamax owner : "My technology is much better than yours"
VHS owner : "Whatever, VHS is far more popular and has more films available"
With a 2% market share Linux is in the same place as Betamax, FLAC is better than MP3, SACD is better than CD etc. etc. better doesn't mean more popular.
Can all the children bickering about how much better 'their' operating system is (like it's yours anyway, like any of you ever actually contributed any code to any of them, in fact how many of you never even paid for them?) please go away and watch CBeebies or Nick Junior until your mum tells you to get your jammies on and get to bed?
Then perhaps the adults can just get on with reading a grown up website with a grown up comment section.
I have a Windows PC with limited memory, and I've been using As-Easy-As (abandonware) to log Internet quota use. I'm pretty sure it's a 16-bit Windows version.
This vulnerability seems to be about escalating from the local user's privileges to administrator rights - which is generally unauthorised access but not from malweb coming through the browser (for me, Opera), unless malicious web content has another way to sneak onto your PC. Another hole in the system. Which would be bad by itself.
Is it possible to disable these features for particular user accounts? Sandbox the browser? Or better, sandbag it. Of course I can run a Windows application as not my main user...
get a grip people......
This so called vulnerability has been in existence for 17 years..... I assume as it was hidden for 17 years that it hasn’t been exploited? Well now it's public it very soon will be....
The fact it has been unknown for so long, in my eyes means diddly squat. It’s been found now, it’s how it's dealt with from this point on that is important. Ok, so Microsoft may have known about it for a while, but there are still not mass outbreaks of computers screwed over from this hole so maybe they are correct in thinking it’s not something that needs immediate attention.
It makes me laugh that windows 7 is not affected.... it reminds me of a security issue with windows xp that was brought to light a week before sp2 was released.... it would only be fixed by sp2 and sp2 would only install on proper licensed versions of windows (for a week or two anyway)...
I suspect Microsoft will recommend the fix will be to upgrade to windows 7.....
Microsoft knows a lot more about producing an OS than I do, and probably most of you lot reading this. Windows did not become the standard desktop OS for no reason. Maybe a few dirty tricks here and there but I dare any of you to say given the opportunity you would have done things much different....
Windows is good for what it is.... a desktop for the masses, Linux has a long way to go to be able to challenge this. The average Joe Bloggs does not have the skills needed to get a Linux distro up and running compared to a windows install. Apple computers are good if you want style over function and have money to waste.
Linux had the perfect opportunity to take over the market place on netbooks, but Joe Bloggs public spoke and would sooner buy a windows based netbook than a Linux flavoured one. Why? Because it works. My Linux aspire one was soon upgraded (some say downgraded) to windows to make it more functional for me as a photographer.... a lot less hassle to get my pictures from my Nikon to a computer to email to the news desk than to arse about with gimp....
Mine's the one with a flame proof lining...
"I assume as it was hidden for 17 years that it hasn’t been exploited? "
Yes , because obviously black hats publish their findings in public forums.
It would only take 1 other person with malicious intent to have found this in that whole 17 years for a tool to be produced that exploited this. You can't prove a negative - you can't prove no one has written one.
This will help those that want to do what is suggested in the article and turn off WOWEXEC and MSDOS. Just a point, to amateurs not to mess around with the Registry or you could lose access to your computer and everything on it!! Unless you know what you are doing don't do it.
Well three, actually.
I ran xp sp1 for some years on my (very old) laptop; no antivirus but some half way decent hacks.
It finally got three trojans (which caught my attention.)
My wife (barefoot and on dialup) runs 2000; she got four trojans; one of which was a keylogger.
Goodbye Outlook express.
(in retrospect I should have removed that when I installed the OS.)
I have a friend who I fixed a computer for; he was pwoned within a week. I am still working that out in my mind. HOW IN THE HELL DID THAT HAPPEN?
In the years since I started in this field, on an Amiga, in the 80s (and Amiga viri were cool) I have found that nothing is safe; nothing at all is safe. Yes, I know how to make it safe, write the OS to a CD and Boot new every time.
Just another way of working without a net.
Fix the bug.
Work out the form of bug and check the code base to find any similar instances.
Identify the faults in their development process that let them in the first place.
Fix the process.
Mine's the one with the old IBM J of Systems reprints in the pocket.