Re: [Full-Disclosure] MSIE src&name property disclosure

From: Michal Zalewski (lcamtuf_at_ghettot.org)
Date: 11/08/04

  • Next message: Berend-Jan Wever: "MSIE src&name property disclosure"
    Date: Mon, 8 Nov 2004 15:13:57 +0100 (CET)
    To: Berend-Jan Wever <skylined@edup.tudelft.nl>
    
    

    On Mon, 8 Nov 2004, Berend-Jan Wever wrote:

    > In response to statements found at
    > http://news.com.com/Exploit+code+makes+IE+flaw+more+dangerous/2100-1002_3-5439370.html

    Yup.

    But what amuses me most, is the following bit:

      "Microsoft has begun to investigate the Iframe vulnerability and has not
      been made aware of any program designed to exploit the flaw, the company
      said in an e-mail statement to CNET News.com."

    When you posted your first message confirming that the problem is
    exploitable, I forwarded it to secure@microsoft.com, so that they know
    they have a problem in case they do not read Full-Disclosure. I got no
    response. Later, when you posted a working exploit, I sent them another
    forward, including a remark it is probably a good idea to react now, if
    they failed to do so before.

    In response, I got a mail from "Lennart" of Microsoft Security Response
    Center, saying that they are aware of the problem and read mailing lists,
    and that my original mail simply got lost in the noise.

    Several days later, this statement surfaces in an article, showing beyond
    any doubt that they are, quite simply, lying to the public to save face
    and gain time.

    As much as I am not a rabid Microsoft hater, this pissed me off more than
    a bit.

    -- 
    ------------------------- bash$ :(){ :|:&};: --
     Michal Zalewski * [http://lcamtuf.coredump.cx]
        Did you know that clones never use mirrors?
    --------------------------- 2004-11-08 15:09 --
       http://lcamtuf.coredump.cx/photo/current/
    

  • Next message: Berend-Jan Wever: "MSIE src&name property disclosure"

    Relevant Pages

    • Re: Security and EOL issues
      ... A belief that a good company, if Microsoft were one, would provide ... regulations governing what the automobile industry must do. ... older software's security would be just fine. ... > Computer Emergency Response Teams, ...
      (Security-Basics)
    • Re: XP has no significant bugs other than those of its defenders
      ... Seems to me the issue was the poor architecture of the windows ... was Linux number one, linux would be as virus infected as windows, but ... people walk away thinking poor old microsoft is just a victim, ... but you posted it half a dozen times in response to ...
      (sci.electronics.design)
    • Re: Extending the functionality of Word references/bibliography
      ... But it was interesting to learn that there were as many as 18 votes for this suggestion. ... the one "Suggestion with Microsoft Response" in this ... > pointed out the test failed an MS response was soon ...
      (microsoft.public.word.docmanagement)
    • Re: Access 2007 ODBC Error Trapping
      ... Response As Integer) ... Thank you for using Microsoft MSDN Managed Newsgroup. ... Visual Basic Error event arises when a run-time error occurs in Access on ... Microsoft Online Community Support ...
      (microsoft.public.access.forms)
    • Re: Extending the functionality of Word references/bibliography
      ... For example the one "Suggestion with Microsoft Response" in this group obtained "18 out of 18 votes". ... The only reason there are a few "Suggestions with Microsoft Response" is because an MS employee happened to see the post. ...
      (microsoft.public.word.docmanagement)