Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly



On 06/11/2010 02:40 AM, Christian Sciberras wrote:
In my humble opinion, he could have waited a couple more days just in
case Microsoft decided to do the unprecedented.
In which case, I progressive change of policies at Microsoft are
better than a couple of users getting hacked from pron sites...
As I said: Travis indicated in his original post he believes the exploit
*was already being used in the wild*. So NOT releasing it wouldn't
protect users. It would just keep it "secret" from everyone except
Microsoft *and the black hats who were already using it*. While
maintaining a false air of intact security for everyone else.

That is better, how?

--
Benjamin Franz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • WPA2 support + Group Policy
    ... support for WPA2 to be defined in group policies in Windows XP SP2 ... Reading the Microsoft blub again, ...
    (microsoft.public.windows.group_policy)
  • RE: Password Configuration
    ... You can configure password policy in the SBS Server Management Console. ... Policies" link to open Password Policies configuration page. ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: Update while you can...
    ... restrict access to security patches for pirate users; ... Microsoft will react by rescinding the policies. ... that something like this will make other Windows security issues pale into ...
    (alt.computer.security)
  • Re: Non-programmers are getting Visual Studio 2005 Beta 2
    ... regard to Microsoft's newsgroup policies, of which I am keenly aware. ... Microsoft web site and read all about the MVP program. ... This was my way of saying that I believe in personal responsibility. ... You are entitled to your opinion. ...
    (microsoft.public.vstudio.general)
  • Re: Lost Product Key Code for Word
    ... to install Word. ... Microsoft at 360-7561, or, if outside the U.S., see this site: ... I had to reinstall windows on my> computer and when I went to instal word again I found that> I do not have the key code they require. ... It really bothers me that I> paid for Word and now I cannot use it because I threw away> a CD case I didn't think was important, only to learn that> MIcrosoft has changed their policies and you NEED to SAVE> all those little peices of paper. ...
    (microsoft.public.word.application.errors)