Full Disclosure mailing list archives
Re: Two bulletins from Microsoft on Patch Tuesday
From: Col <colweb () gmail com>
Date: Fri, 7 Nov 2008 07:18:18 +0000
2008/11/6 n3td3v <xploitable () gmail com>: <snip>
i'm not sure this is a good idea as it gives a heads up to hackers. you may think its not long but its actually 5 days for a hacker to figure out potentially a vulnerability in said area. maybe we should have a discussion about the pros and cons of these microsoft heads up and what the reality of it is for the bad guys to be able to pin point and start exploiting a flaw in said area in a 5 day time frame. yours n3td3v.
I don't think any hacker is going to bother spending 5 days looking for a needle in a haystack when he can reverse engineer specific files once the patch is released. I know very little of looking for pointers in DLLs but from what I've seen it looks like a bit of a nightmare. The best way is to "diff" two files - the un-patched and the patched then you see where the changes are. Of course if you had thought about it or done *any* research before you posted you would already have made that point. I am not a white/grey/black/pink hat I'm just an NT Admin type person who monitors this list for Full Disclosure of bugs in software. Instead I have trawl through your incessant ramblings on most days. Yes I have filters set up in Gmail of course, but I still have to deal with the replies, which before you go on about it are justifiably offensive because you've polluted this list for years with your crap - most have had enough of it. Now please go and get a job in something completely different so you can sleep through the night like the rest of us. Regards, Colin. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Two bulletins from Microsoft on Patch Tuesday, (continued)
- Re: Two bulletins from Microsoft on Patch Tuesday n3td3v (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday Biz Marqee (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday n3td3v (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday offbitz (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday Ureleet (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday Biz Marqee (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday Anders B Jansson (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday vulcanius (Nov 06)
- Message not available
- Re: Two bulletins from Microsoft on Patch Tuesday waveroad waveroad (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday Col (Nov 06)
- Re: Two bulletins from Microsoft on Patch Tuesday Valdis . Kletnieks (Nov 07)
- Re: Two bulletins from Microsoft on Patch Tuesday n3td3v (Nov 08)
- Re: Two bulletins from Microsoft on Patch Tuesday James Matthews (Nov 07)