Re: [Full-disclosure] Steve Gibson smokes crack?

according to sister wiki:
The vulnerability was first discussed in the computer security community
around 26 and 27 December 2005,

this date is quite close to Christmas (at least the orthodox one).

so may this be a christmas present of some kind?

this is an interesting confession from a m$ certified solitaire expert:
Welcome to the Microsoft Security Response Center Blog!

The Microsoft Security Response Center works every day to help protect
customers from vulnerabilities in software.
To detail it a little bit, SetAbortProc functionality was a needed component
in the graphics rendering environment for applications to register a callback
to cancel printing, before even the WMF file format existed. Remember, those
were the days of co-operative multitasking and the only way to allow the user
to cancel a print job would be to call back to them, usually via a dialog.

looks like even modern windows (tm)(r)(inc) bears the burden of
"cooperative multitasking" in its large trustworthy codebase.

so is this a patch over a workaround over a kludge over
cooperative multitasking over standing 2 bits of competition?
(people who have (ab)used cooperative multitasking are more likely to get
the idea).

where do you want bill gates to go today?

On Fri, Jan 13, 2006 at 10:33:22AM -0800, Morning Wood wrote:
> claiming SetAbortProc() was a purpose placed backdoor...
> *puff*puff*


Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -