Re: IE7 Zero Day

[n3td3v <n3td3v () gmail com>]

On 5/8/06, 0x80 () hush ai <0x80 () hush ai> wrote:
> There is no skin to save.  No law is being broken and I am not
> holding anyone ransom.
>
> Microsoft is not the only vendor that can fix this bug either, it
> would be easy to patch the DLLs involved.
>
> No one is monitoring anything because I have not broken any laws in
> any country.  You reply simply dances around the issue because as
> usual, you have zero idea what you are talking about.

Symantec see you as threat:

"

ThreatCon Level is 1

A researcher has made a post to the Full-Disclosure mailing list
claiming that he has discovered two unknown and unpatched
vulnerabilities in Microsoft Internet Explorer 7, which is currently
in beta. He also states that at least one of the issues is present in
Microsoft Internet Explorer version 6.x, but circumstances unknown to
the researcher prevent him from being able to successfully exploit it.
The discoverer of these issues has stated that they will be privately
sold to the highest bidder. Internet Explorer 7 is beta software, and
as such, should not be used on sensitive systems. Though the
possibility of exploitation against version 6.x may exist, it should
always be assumed that there may be latent vulnerabilities in client
software. Users are advised to employ best practices such as avoiding
untrusted websites, links from untrusted sources, and running such
software with the least possible privileges.


"
http://www.symantec.com/avcenter/threatcon/learnabout.html

Regards,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/