[Full-Disclosure] Microsoft source code "leak"

From: Exibar (exibar_at_thelair.com)
Date: 02/15/04

  • Next message: Jedi/Sector One: "Re: [Full-Disclosure] http://federalpolice.com:article872@1075686747" 
    To: <full-disclosure@lists.netsys.com>
Date: Sun, 15 Feb 2004 12:39:25 -0500

    Anyone ever think that perhaps Microsoft "leaked" this section of code on
    purpose? Right now there are 1,000's of hacker types and curious types
    pouring over that code looking for flaws. Sounds like there was already a
    flaw found using a signed integer as an offset, I've also heard that there
    is an exploited version of Notepad floating around now too...

      Microsoft can't pay to have this kind of QA done in house (who could?), so
    why not release a piece of source and let everyone do it for them?

      Could be that it's a clever way to distract from the ASN.1 flaw that was
    found too... release a bit of code that is meaningless and the exploit
    writers will be too busy looking through that code to write a huge exploit
    for ASN.1?

      Ok, sounds like a conspiracy theroys doesn't it? And it probably isn't
    true, but stranger things have happened :-)

     Exibar

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Jedi/Sector One: "Re: [Full-Disclosure] http://federalpolice.com:article872@1075686747"
    • Quantcast