Information Security News mailing list archives
Re: Bug hunter finds another hole in Microsoft IE browser
From: InfoSec News <isn () C4I ORG>
Date: Mon, 9 Oct 2000 01:02:48 -0500
Forwarded By: shikido <shikido () ihug com au> Friday, October 06, 2000, 11:49:57 AM, you wrote:
http://news.cnet.com/news/0-1005-200-2939733.html?tag=st.ne.1002.bgif.ni
"That's not enough time," the Microsoft representative said. "Our biggest concern is that in a worst case scenario, it puts the customer at risk. The information is out there, and the bad guys can get their hands on it. In the best situation, it's unnecessarily spinning people up."
I think that quote should be rephrased to "That's not good enough". How is it that a corporation with such resources and funds behind it, is always one step behind dedicated people such as Guninski. Not only does microsoft's response indicate it is not prepared to put it's resources to work to fix the problem within the time specified, but it also indicates how much it values the customer. Don't tell us about problems with our product, we never intended it to be what we advertise, so it's irrelevant. Full praise to Guninski, we all know MS could ensure these problems arise less frequently. It's just a matter of "should we test it ? or just spend the rest of the timeline chucking in easter eggs ?". This may sound like a rant, it is. If one man can put in the effort to find these holes, a global company like microsoft can easily find the expenditure to curb them. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Bug hunter finds another hole in Microsoft IE browser William Knowles (Oct 05)
- <Possible follow-ups>
- Re: Bug hunter finds another hole in Microsoft IE browser InfoSec News (Oct 09)