Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer

From: "Thomas Schweikle" <tschweikle () fiducia de>
Date: Tue, 27 Nov 2001 18:37:29 +0100



Ok... So we know that there is a bug... It's a critical one,
ppl can "turn it off" by editing something in the registry
and Microsoft is working hard to fix it. Oh... and we know
that for the next 60 days some people can cause some damage
to me and I have no way to protect myself.

Is this just me or maybe more people think that releasing
this "advisory" (though this should be called "intimidator")
was completely irresponsible and plain stupid?


No, never! Since they knew about a vulnerability and they
classified it beeing "critical" they are responsive for
all damage beeing done by this particular vulnerability.
Especially since they have a workaround.

Fine. I do have one who is willing to pay for all damage!
I think they are nice people. Aren't they?

--
Thomas
Previous By Date Next
Previous By Thread Next

Current thread: