[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Microsoft got it wrong

To: "'Giovanni Campagnoli'" <bioia@yahoo.com>, <bugtraq@securityfocus.com>
Subject: Microsoft got it wrong
From: "Richard M. Smith" <rms@computerbytesman.com>
Date: Wed, 15 Oct 2003 16:51:29 -0400

Only last month in USA Today, Microsoft was claiming that Windows Messenger
didn't represent a security hazard:

   Pop-ups assail through Windows
   http://www.usatoday.com/tech/news/2003-09-24-popups_x.htm

   Microsoft views pop-up boxes as a benign nuisance 
   that does "not pose a security risk," says Greg Sullivan, 
   product manager for Windows. 

Looks like Microsoft crystal ball is pretty fuzzy.  Windows Messsenger is
just the sort of seldom-used feature that should be turned off by default in
Windows XP.

Richard M. Smith
http://www.ComputerBytesMan.com

-----Original Message-----
From: Giovanni Campagnoli [mailto:bioia@yahoo.com] 
Sent: Wednesday, October 15, 2003 3:10 PM
To: bugtraq@securityfocus.com
Subject: Microsoft Windows Security Bulletin Summary October

Microsoft Security Bulletin MS03-043 - Buffer Overrun
in Messenger Service Could Allow Code Execution
(828035)

Follow-Ups:
- Re: Microsoft got it wrong
  - From: "T.A. Adjuster" <adjuster@peeved.org>

References:
- Microsoft Windows Security Bulletin Summary October
  - From: Giovanni Campagnoli <bioia@yahoo.com>

Prev by Date: Microsoft Windows Security Bulletin Summary October
Next by Date: ColdFusion SQL Error Pages XSS
Previous by thread: Microsoft Windows Security Bulletin Summary October
Next by thread: Re: Microsoft got it wrong
Index(es):
- Date
- Thread