Microsoft issues out-of-band patch

[n3td3v <xploitable () gmail com>]

"The software giant rushed out a fix for the security issue in eight
days, following its discovery that online criminals were using the
flaw to attack Internet users."

http://www.securityfocus.com/brief/873

This is because they usually hold back disclosure and patch release so
the intelligence services can backdoor criminal and terrorist pc's.

We're not saying Microsoft has never been capable to release a patch
in eight days, we're saying there is an agreement with the government
not to, unless a flaw is publicly known and is affecting the
internet-at-large.

There are a ton of zero-day that Microsoft and the government know
about and are used for intelligence purposes, they are kept secret
unless the public know about it and the zero-day becomes a threat to
the government.

Though the fact is this, MI5 have zero-day that not even Microsoft
know about and not only this, MI5 have their systems patched against
flaws that are not known about by other entities.

What i'm saying is this: MI5's systems are patched against flaws that
only they know about and their technicians have developed their own
in-house patches for them.

If that isn't impressive I don't know what is.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/