funsec mailing list archives
RE: When will Microsoft kill WMF support in IE?
From: "Todd Towles" <toddtowles () brookshires com>
Date: Wed, 8 Feb 2006 14:51:57 -0600
Larry wrote:
This is a pretty obscure bug here.
Agreed. But this is a separate vulnerability than the one fixed in MS06-001, so they seem to be auditing more code for WMF execution problems. Why not just disappear the execution factor all together? Do they want to keep it from some future DRM or something?
I guess some people will get hit by this, but I bet it's a really small number.
Very true, but I would guess this isn't going to be the last WMF vulnerability. They should just be glad that they found this bug, instead of the underground. The use of HD Moore post in the CVE, leads me to believe that it is connected to the point made by Moore but it isn't exactly the same. -Todd _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: When will Microsoft kill WMF support in IE? Todd Towles (Feb 08)
- <Possible follow-ups>
- RE: When will Microsoft kill WMF support in IE? Todd Towles (Feb 08)