Full Disclosure mailing list archives
Re: How to Report a Security VulnerabilitytoMicrosoft
From: tuytumadre () att net
Date: Wed, 13 Apr 2005 02:24:54 +0000
mcbain () aol com wrote:But think about it, the testing scenarios that exist on planet earth can notpossibly be even accounted for let alone tested in Redmond. Point made; large install base requires more testing. But like most things this does not apply to every patch/root-fix. It seems they take their time on the simple fixs too most times. -- dk
Often times, the simplest of fixes tend to create the most complex architectural problems. Microsoft doesn't focus all their effort on pen-testing their patches, they spend their time mostly on ensuring that 3rd party software is not broken by their patches. That's why the simplest of fixes aren't as simple as they may seem. You only see the solution; Microsoft must dig through several solutions before they find the right one. Paul Greyhats Security http://greyhatsecurity.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: How to Report a Security VulnerabilitytoMicrosoft tuytumadre (Apr 12)