funsec mailing list archives
RE: Microsoft knew about the WMF flaw for years
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Mon, 16 Jan 2006 10:48:23 -0500
Your points are reasonable about Microsoft groups not communicating about security problems, but also bear in mind that the code in Windows 2000 and XP went through at least one, probably two security audits. (That doesn't mean this flaw was missed, but if it wasn't it was ignored.) There's lots of blame to throw around on this. And Toulouse's explanation also makes it clear, as if it already weren't, that Gibson pulled his crackpot theory out of his ass and it has no real basis. He really ought to have apologized by now. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer Contributing Editor, PC Magazine larryseltzer () ziffdavis com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Microsoft knew about the WMF flaw for years Richard M. Smith (Jan 16)
- RE: Microsoft knew about the WMF flaw for years Larry Seltzer (Jan 16)
- RE: Microsoft knew about the WMF flaw for years Thomas Mannfred Carlsson (Jan 16)
- Re: Microsoft knew about the WMF flaw for years Valdis . Kletnieks (Jan 16)
- RE: Microsoft knew about the WMF flaw for years Larry Seltzer (Jan 16)