Win7 Pre-beta中的IE是个定时炸弹

Win7之家（ www.win7china.com）：Win7 Pre-beta中的IE是个定时炸弹

 从我的收件箱中可以看出，很多人都下载并安装并使用了Windows 7 Build 6956。但是无论你怎么努力，都无法更新到最近微软发布的有关IE的紧急安装更新。

其实这就是从非官方渠道获得软件的弊端。你们下载的Windows 7是个随机的“当天版本”，只是在Windows 7正式版发布前众多测试版的其中之一。任何可以获得该版本的人（微软员工，OEM合作伙伴，可信任的测试者）都可以轻松拿到更新的版本，而这个版本，才能正常更新到IE安全补丁。因此，微软安全团队并没有为泄露版本发放任何更新，就像当初没有为6952和6961发布补丁一样。因此，如果你正在Windows 7  Build 6956上用IE8浏览网站，那么很有可能你将会受到攻击。

附部分原文：

Judging by my inbox, lots of you downloaded a bootleg copy of Windows 7 build 6956 from BitTorrent, and now you have it running. But no matter how hard you try, you can’t update its built-in copy of Internet Explorer 8 with this week’s extremely critical out-of-band security update, which Microsoft turned around in record time.

That’s the downside of running software from unauthorized channels. You see, the build zipping around the BitTorrent tubes right now is a random “daily build,” one of many that was produced during the run-up to the upcoming beta release of Windows 7. Anyone who would have had authorized access to that build (Microsoft employees, OEM partners, a tiny corps of trusted beta testers) already has authorized access to more recent builds (including, rumors say, the final beta release itself) that can be updated with a supported version of this crucial IE8 patch. So, logically enough, Microsoft’s security team doesn’t release an update for that leaked version, just as it didn’t release an update for build 6952 or build 6961. As a result, you’re vulnerable if you visit a compromised website using the unpatched version of IE8.

...