Re: Alert: Microsoft Security Bulletin - MS03-010
From: Robert Heinig (heinig_at_KUK-DATENTECHNIK.DE)
Date: Fri, 9 May 2003 13:28:56 +0200 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
My rant about the two lsasrv.dll's was, of yource, premature. Oh well if
need be, we can still comdemn the use of identical version resources for
different binaries, and we can still hate past US governments for creating
that blasted 56-bit-encryption-only issue in the first place.
As Jerry Heidtke [firstname.lastname@example.org] (quick thinker!) pointed out in private
mail to me:
Just wanted to point out that MS patches often have multiple versions of the
same file. This sometimes is because there are differences in single- vs.
multi- processor versions, different language versions, or, in this case,
different encryption strengths supported.
The file listing could be improved to make this clearer in some cases. I
believe, in this case, after your post they changed the web page to indicate
that the second version was 56-bit. That information wasn't there this
Apparently someone at Microsoft actually reads Ntbugtraq!
> -----End Quote-----
He's absolutely right.
let's all try to forget all this for the weekend!
Have you discovered a security vulnerability related to Windows or a
commercial product which runs on Windows?
Need assistance crafting the format or translating your advisory to English?
Need to verify it, or having problems contacting the Vendor?