[VulnWatch] [Argeniss] Story of a dumb patch (Paper advisory about CSRSS and Windows Explorer vulnerabilities)

From: Cesar (cesarc56_at_yahoo.com)
Date: 10/19/05

Next message: iDEFENSE Labs: "[VulnWatch] iDEFENSE Security Advisory 10.20.05: Multiple Vendor Ethereal srvloc Buffer Overflow Vulnerability"

Previous message: Cisco Systems Product Security Incident Response Team: "[VulnWatch] Cisco Security Advisory:Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 19 Oct 2005 11:27:42 -0700 (PDT)
To: full-disclosure@lists.grok.org.uk

Hi.

This is a new paper and it is about the
vulnerabilities patched on MS05-049 and also details a
mistake made by Microsoft on a previous patch.

Enjoy.

Cesar.

__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com

Next message: iDEFENSE Labs: "[VulnWatch] iDEFENSE Security Advisory 10.20.05: Multiple Vendor Ethereal srvloc Buffer Overflow Vulnerability"

Previous message: Cisco Systems Product Security Incident Response Team: "[VulnWatch] Cisco Security Advisory:Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[Full-disclosure] [Argeniss] Story of a dumb patch (Paper advisory about CSRSS and Windows Explorer
... mistake made by Microsoft on a previous patch. ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
[Argeniss] Story of a dumb patch (Paper advisoryabout CSRSS and Windows Explorer vulnerabilities)
... a mistake made by Microsoft on a previous patch. ... Cesar. ...
(Bugtraq)
security patch download for windows xp
... that Microsoft was going to make accessible a somewhat ... patch to take care for a mistake in security of this os. ...
(microsoft.public.windowsxp.security_admin)
Re: KB835732 patch
... > Clearly Microsoft will NEVER admit a mistake, ... > will eventually re-issue the patch with the problems ... If past performance is anything to go by, ... microsoft. ...
(microsoft.public.windowsupdate)
Re: [Full-disclosure] Security Alert: Unofficial IE patches appear on internet
... created by a vulnerability is as serious as this case and the available ... Microsoft will be inclined strongly against holding on to this patch. ... Microsoft often have patches ready but wait for the corporate known ...
(Full-Disclosure)