RE: Lack of Security in downloaded Security patches

From: Greg Kujawa (anonymous_at_discussions.microsoft.com)
Date: 04/19/04

• Next message: billybob: "Sorry"
• Previous message: billybob: "Re: IPSec VPN problems"
• In reply to: richajc: "Lack of Security in downloaded Security patches"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 19 Apr 2004 12:31:04 -0700

Hear, hear. I don't think that Microsoft staff can claim that these fixes were rushed to market as justification for the glaring flaws. Some of the flaws were reported to them over 6 months ago. All of this makes me harken back to when NT 4.0 Service Pack 6 was released. Most of y'all using NT are on SP6a as opposed to 6. For those of you who don't know why it's because SP6 broke the basic TCP/IP stack. Many corporate servers I was in charge of weren't the pictures of health back then IIRC.

Seems little has changed since those days. Still buggy software patches. Still glaring buffer overflows in their code due to lack of proper boundary checking leading to the need for such patches. Even in Windows Server 2003, supposedly built from the scratch with rigorous security-minded peer code review. Riiiiiight.

---

• Next message: billybob: "Sorry"
• Previous message: billybob: "Re: IPSec VPN problems"
• In reply to: richajc: "Lack of Security in downloaded Security patches"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.win2000.security  > 2004-04