Bugtraq mailing list archives
RE: [Full-disclosure] WMF round-up, updates and de-mystification
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Tue, 3 Jan 2006 06:49:53 -0500
I have tested and confirmed that this patch only works in specific
scnenarios and does not mitigate the entire issue. Variations still work.I have tested and confirmed that this patch only works in specific scnenarios and does not mitigate the entire issue. Variations still work. Oh really? Do you have any more information on this or do you just like to throw bricks? I have a hard time believing you're right, because it would mean that there are variations of the attack that don't use its fundamental mechanism. All that said, it's clear to me that the rush to adopt this patch is precipitous. For instance, it's largely unnecessary on Windows 9x, NT, and 2K, unless you rely on a specifically vulnerable app, like Notes. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer Contributing Editor, PC Magazine larryseltzer () ziffdavis com
Current thread:
- WMF round-up, updates and de-mystification Gadi Evron (Jan 03)
- Re: [Full-disclosure] WMF round-up, updates and de-mystification Nancy Kramer (Jan 03)
- Re: [Full-disclosure] WMF round-up, updates and de-mystification InfoSecBOFH (Jan 03)
- RE: [Full-disclosure] WMF round-up, updates and de-mystification Larry Seltzer (Jan 03)
- Re: [funsec] WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 03)
- Re: WMF round-up, updates and de-mystification Gadi Evron (Jan 03)
- RE: [funsec] WMF round-up, updates and de-mystification Larry Seltzer (Jan 03)
- Re[2]: [funsec] WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 04)
- Re: WMF round-up, updates and de-mystification Adam Shostack (Jan 04)
- <Possible follow-ups>
- RE: WMF round-up, updates and de-mystification Krpata, Tyler (Jan 04)