Full Disclosure mailing list archives
RE: Microsoft Windows XP SP2
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 19 Aug 2004 15:53:41 -0500
I personally think that Microsoft should turn the "hiding of file types" off by default. We all turn it off and it doesn't help basic users learn file types. They go by the icons and therefore the icon issue is a better security threat. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Michael Young Sent: Thursday, August 19, 2004 2:23 PM To: 1 () malware com; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Microsoft Windows XP SP2 Confirmed icon vulnerability as working on SP1 and SP2. I found that regedit.exe, winhelp.exe, and explorer.exe are also vulnerable and display their corresponding icon. I am unsure as to how useful this is as a vulnerability, but it shouldn't be present none the less. Michael Young IT Consultant Miles Technologies (856)439-0999 -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of http-equiv () excite com Sent: Thursday, August 19, 2004 11:35 AM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Microsoft Windows XP SP2 Let's commence by giving credit where credit is due. The thinking is that the manufacturer of Windows XP has done a splendid job in patching their little operating system with 300 million dollar's worth of fixes. This is not exactly 'pocket change'. But this is: 1. trivial scripting in the local zone 2. notepad icon regardless of file in XP's little zip thing http://www.malware.com/malware.sp2.zip many other 'bits and pieces' to be had but overall a splendid effort on the manufacturer's part [for now]. Not quite sure where all that money went though. End Call -- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft Windows XP SP2 http-equiv () excite com (Aug 19)
- RE: Microsoft Windows XP SP2 Michael Young (Aug 19)
- RE: Microsoft Windows XP SP2 joe (Aug 19)
- <Possible follow-ups>
- RE: Microsoft Windows XP SP2 Todd Towles (Aug 19)