Full Disclosure mailing list archives
Re: FrSIRT False Alarm
From: "Paul" <pvnick () gmail com>
Date: Sat, 20 Aug 2005 13:33:58 -0400
"Microsoft is concerned that this new report of a vulnerability in InternetExplorer was not disclosed responsibly, potentially putting computer usersat risk. We continue to encourage responsible disclosure of vulnerabilities.We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed."
Believe it or not, I am in full agreement with this statement. Regards, Paul Greyhats Security http://greyhatsecurity.org----- Original Message ----- From: <ad () class101 org>
To: <full-disclosure () lists grok org uk> Sent: Saturday, August 20, 2005 6:13 AM Subject: Re: [Full-disclosure] FrSIRT False Alarm
MS said:"Microsoft is concerned that this new report of a vulnerability in InternetExplorer was not disclosed responsibly, potentially putting computer usersat risk. We continue to encourage responsible disclosure of vulnerabilities.We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed." http://www.microsoft.com/technet/security/advisory/906267.mspx chaotic :>do you have a test page?No. We used the public exploit to generate a specially crafted page. Best regards, FrSIRT / French Security Incident Response Team 24/7 http://www.frsirt.com-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32)Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDBew5OjxwThxio44RAoWgAJ9k5+qAasePjIG8OaOe2AFjBKsvjQCfVFuD I0Yc2oleSNh/jqc8lKRxQp8= =CAvW-----END PGP SIGNATURE-----**************************************************************** KEY: 0xA7C69C5F PRINT: 694C 3495 BCC4 2F8B D794 6BD4 AF8B 457B A7C6 9C5F **************************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FrSIRT False Alarm DudeVanWinkle (Aug 19)
- RE: FrSIRT False Alarm Ray P (Aug 19)
- Re: FrSIRT False Alarm naveed (Aug 24)
- <Possible follow-ups>
- RE: FrSIRT False Alarm Todd Towles (Aug 19)
- Re: FrSIRT False Alarm DudeVanWinkle (Aug 19)
- Re: FrSIRT False Alarm ad (Aug 20)
- Re: FrSIRT False Alarm Paul (Aug 20)
- Re: FrSIRT False Alarm ad (Aug 20)
- Re: FrSIRT False Alarm Thierry Zoller (Aug 20)
- Re: FrSIRT False Alarm Paul (Aug 20)
- Re: FrSIRT False Alarm Dave Korn (Aug 22)
- Re: Re: FrSIRT False Alarm Ill will (Aug 22)
- Re: FrSIRT False Alarm Ill will (Aug 24)
- RE: FrSIRT False Alarm Aviv Raff (Aug 25)
- Re: FrSIRT False Alarm ad (Aug 25)
- Re: FrSIRT False Alarm Paul (Aug 20)
- Re: FrSIRT False Alarm Jérôme ATHIAS (Aug 21)