Full Disclosure mailing list archives
Re: MS04-004??
From: Paul Tinsley <pdt () jackhammer org>
Date: Mon, 02 Feb 2004 18:28:21 -0600
They finally have a fix for the url spoofing problem (%00) and updated a previous IE roll up to cover it. I have seen reference to this bug being used in the wild already, which meets Microsoft's out of cycle release criteria.
Mike Wronski wrote:
Strange that MS released a security patch today and not on the schedule as promised? Any speculation as to why?-------------------------------------------------------------------- Title: Microsoft Windows Security Bulletin Summary for February 2004 Issued: February 2, 2004 Version Number: 1.0 Bulletin: http://www.microsoft.com/technet/security/bulletin/winfeb04.asp -------------------------------------------------------------------- -M _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MS04-004?? Mike Wronski (Feb 02)
- Re: MS04-004?? Paul Tinsley (Feb 02)
- <Possible follow-ups>
- RE: MS04-004?? David Vincent (Feb 02)
- Re: MS04-004?? Paul Tinsley (Feb 03)