Re: Microsoft issues out-of-band patch

[n3td3v <xploitable () gmail com>]

On Fri, Dec 19, 2008 at 2:55 PM, James Rankin <kz20fl () googlemail com> wrote:
> "MI5 have their systems patched against
> flaws that are not known about by other entities"
>
> Yeah, of course they do. because writing your own patches will definitely
> make sure that your enterprise is properly supported and secured, and all
> your mission-critical apps will continue to function. I remember someone
> writing their own patch for an exploitable vulnerability a few years ago and
> MS were quick to warn everyone thinking of using it that it would invalidate
> their support agreements. Of course I am sure MI5 have their own versions of
> their core operating systems, a support staff that can rewrite the entire NT
> kernel, and aren't just part of the UK government's hugely-outsourced IT
> function.
>
> Incidentally save your flames, I was doing my Friday spam clearout when I
> saw this.
>
> Cheers,
>
> JJ

The fact is this: It's not in the public interest for flaws to be
known by the public, because one more flaw in public circulation is
one less flaw to fight criminal and terrorist activity with.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/