Re: Where is the IE zero day exploit in the news...

From: karl levinson, mvp (levinson_k_at_despammed.com)
Date: 11/29/05


Date: Mon, 28 Nov 2005 20:01:44 -0500


"Unruh" <unruh-spam@physics.ubc.ca> wrote in message
news:dmflb8$2fa$1@nntp.itservices.ubc.ca...

> I never said anything like that. I said that remote code execution is much
> worse than denial of service and I still stand by that.

That's not in dispute.

>>are two different viewpoints being expressed here that are inconsistent
>>with each other. If the Firefox vuln is "only a denial of service," then
>>the IE vuln has only been a known remote code execution vuln for a week
>>or so, not six months.
>
> And I said "only denial of service" where?

Check the message headers. I wasn't responding to you.

>>Microsoft is being faulted here for not notifying customers [although it
>>has]. I couldn't find anything on the Firefox web site about this. Not
>>only haven't they patched this, they haven't notified customers like
>>Microsoft has. Presumably they're still testing and reproducing the
>>vulnerability. Which goes back to what I was saying about not assuming
>>that Microsoft can necessarily always repro a vuln overnight when a
>>finder refuses to give them all the details.
>
> 6 months sounds a bit extreme however. You must live at the north pole or
> south pole, for that to be overnight.

Or, perhaps they rated it as low priority because it was "only a denial of
service."


