funsec mailing list archives

RE: Microsoft trying to put F.U.D. on Guilfanov 'temporary' patch


From: "Blanchard, Michael (InfoSec)" <Blanchard_Michael () emc com>
Date: Tue, 3 Jan 2006 16:25:30 -0500

I wouldn't think that they would vouch for it, even when it's created by a trusted person such as Ilfak.

 Mike B 


Michael P. Blanchard 
Antivirus / Security Engineer, CISSP, GCIH, MCSE, MCP+I 
Office of Information Security & Risk Management 
EMC² Corporation 
4400 Computer Dr. 
Westboro, MA 01580 
email:  Blanchard_Michael () EMC COM 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Fergie
Sent: Tuesday, January 03, 2006 4:16 PM
To: funsec () linuxbox org
Subject: [funsec] Microsoft trying to put F.U.D. on Guilfanov 'temporary' patch

Not sure I like how this story is worded. I mean, I realize
that MS won't exactly endorse it, but WTF...

Via eWeek.

[snip]

Microsoft Corp. has slapped a 'buyer beware' tag on a third-party patch for the zero-day Windows Metafile flaw and 
promised that its own properly tested update will almost certainly ship Jan. 10.

The company's latest guidance comes days after an unofficial hotfix from reverse-engineering guru Ilfak Guilfanov got 
rare blessings from experts at the SANS ISC (Internet Storm Center) and anti-virus vendor F-Secure Corp.

Guilfanov, author of the IDA (Interactive Disassembler Pro), released an executable that revokes the "SETABORT" escape 
sequence that is the crux of the problem. The hotfix was tested and approved for use by many security experts, but 
Microsoft says it cannot vouch for the quality of the fix.

[snip]

http://www.eweek.com/article2/0,1759,1907562,00.asp

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
