RE: [ISN] PATCH DELAY? Buffer Overflow in UPnP Service On Microsoft Windows

From: InfoSec News (isnat_private)
Date: Tue Jan 01 2002 - 23:10:56 PST

  • Next message: InfoSec News: "Re: [ISN] US to yank Kevin Mitnick's radio license"

    Forwarded from: security curmudgeon <jerichoat_private>
    cc: mcdonald_patrickat_private
    
    > Forwarded from: McDonald Patrick <mcdonald_patrickat_private>
    > 
    > I don't have an issue with how long Microsoft took to issue.  I
    > have issue with Microsoft not notifying their customers.  How many
    > people could have been exploited and never known?  Microsoft could
    > have taken their sweet time as long they advise the consumer on
    > how to protect themselves until the patch was loaded.
    
    .. and something I have harped on before. What is the point of
    providing an email address during product registration if they don't
    use it? This is one time where e-mail would probably be welcomed by
    anyone using their products, yet Microsoft still opts not to inform
    their customer base.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Jan 02 2002 - 02:55:25 PST