Dailydave mailing list archives
The full measure of devotion
From: Dave Aitel <dave () immunitysec com>
Date: Mon, 11 Jul 2005 18:11:07 -0400
If you've sent a message to DD in the past few days, please resend it. Someone did an emerge world, which overwrote postfix's configuration and it took a few days to get fixed. As for tomarrow's Microsoft Excitement - I sure hope it includes a fix for javapxy.dll, since it turns out my laptop is vulnerable, and SP2 doesn't protect you. . . I know Microsoft is trying to spin Firefox's security as being on the same level as IE's, but the bugs people find in Mozilla's engine are always super complex. The bugs in IE tend to be things like "If you use the API twice, the heap gets corrupted and calls a function pointer you get to supply." Likewise, bugs in Firefox get put on Slashdot and rigorously analyzed. Bugs in IE are labled Denial of Service bugs until someone posts a sploit. http://www.microsoft.com/technet/security/advisory/903144.mspx currently says "A COM Object (Javaprxy.dll) Could Cause Internet Explorer to Unexpectedly Exit". This is pretty much clearly not true after 5 minutes of looking at it. The difference between the two security teams here is the full measure of devotion. -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- The full measure of devotion Dave Aitel (Jul 11)