RE: Re: funsec Digest, Vol 5, Issue 113

["Todd Towles" <toddtowles () brookshires com>]

Dan wrote:
> > Todd,
> >
> > Don't you find it interesting that the critical vulnerability was 
> > reported on October 17, 2005, yet the only handling for it 
> happens to 
> > be a product that eEye sells...?
>
> Well, Eeye discovered it, why wouldn't their product handle 
> it?? I don't find it interesting..I find it is common sense.

I pay for security/content filtering from Websense, would I not expect
Websense to protect me from all WMF exploit that they found? Eeye on the
other hand, reported it directly to Microsoft, which knows about the
issue but hasn't fixed it yet. As soon as it is released, it will be
like all other Windows vulnerability and most likely a public exploit
will be produced from the patch..

Am I the only person that doesn't understand Dan's point??

-Todd

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.