Microsoft Vulnerabilities ARE being reported to Microsoft

From: Paul (paul_at_greyhats.cjb.net)
Date: 12/21/04

  • Next message: sanjiv: "RE: Secondary Storage Device Policy" 
    Date: 21 Dec 2004 03:28:38 -0000
To: focus-ms@securityfocus.com
    ('binary' encoding is not supported, stored as-is)

    If you came here looking for a vulnerability, you will be dissapointed, because this is simply a message. Contrary to popular opinion, I do disclose my vulnerabilities to Microsoft before release. They do not resond to any of my emails so I assumed they either 1) didn't care, or 2) were taking considerable action to patch these vulnerabilities. The Microsoft statement that I do not disclose the vulnerabilities to them is untrue and is probably just an attempt by Microsoft to make me look bad because of their own incompetence. I will continue to work towards a secure operating system because that is what we security professionals strive to accomplish.

    PS: Microsoft, I have found a way to compromise SP2 by writing a file to anywhere on the victim's computer without user interaction. As always, I will email you with the details of the vulnerability.

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: sanjiv: "RE: Secondary Storage Device Policy"

    Relevant Pages

    • Re: VBA dates versus Excel dates
      ... I used the .Value2 property when writing the dates to the worksheet. ... End Sub ... Jon Peltier, Microsoft Excel MVP ... This post is a suggestion for Microsoft, ...
      (microsoft.public.excel.programming)
    • Re: py3k s***s
      ... When tcl went through this they chose the eminently sensible route of not choosing a separate unicode type. ... Not only has python chosen to burden itself with two string types, but with 3 they've swapped roles. ... This is certainly the first time I've had to decide on an encoding before writing simple text to a file. ...
      (comp.lang.python)
    • Re: Backup toCD
      ... I don't have any disk writing software ... > I do not have any third party software of any kind for CD writing. ... Microsoft doesn't like to reveal the true ... file that gets into some version of Windows actually came from ...
      (microsoft.public.windowsxp.basics)
    • Re: Backup toCD
      ... I don't have any disk writing software ... > I do not have any third party software of any kind for CD writing. ... Microsoft doesn't like to reveal the true ... file that gets into some version of Windows actually came from ...
      (microsoft.public.windowsxp.basics)
    • Re: Excel Crash in procedure.
      ... Just writing a simple procedure to the modules. ... Microsoft Excell 11.0 Object Library ... Dim LineNo As Long ... Dim iFF As Integer ...
      (microsoft.public.excel.programming)