RE: [ISN] Old code in Windows is security threat

From: InfoSec News (isnat_private)
Date: Tue Jun 11 2002 - 01:22:50 PDT

  • Next message: InfoSec News: "[ISN] Linux Security Week - June 10th 2002"

    Forwarded from: Andrew Weaver <Andrew.Weaverat_private>
    
    Hmmm... So their "quickfix" is to set the insecure off by default. OK, but
    what if I need the feature? Are they going to fix it or not?
    
    > -----Original Message-----
    > From:	InfoSec News [SMTP:isnat_private]
    > Sent:	Monday, June 10, 2002 1:13 PM
    > To:	isnat_private
    > Subject:	[ISN] Old code in Windows is security threat 
    > 
    > http://news.com.com/2100-1001-934363.html?tag=fd_top
    > 
    > By Robert Lemos 
    > Staff Writer, CNET News.com
    > June 9, 2002, 11:00 PM PT
    > 
    > Microsoft will more quickly retire old code in its Windows operating
    > system and other software as a result of the company's
    > four-month-old "trustworthy computing" initiative, the company's
    > lead bug basher said in an interview.
    > 
    > The revelation follows last week's warning that a serious
    > vulnerability in Microsoft's Internet Explorer occurred in the
    > software supporting a decade-old protocol that has rarely been used
    > since the World Wide Web became popular.
    > 
    > "A lot of the (coming) design changes are to remove this feature or
    > turn that one off by default," said Steve Lipner, director of
    > security assurance for Microsoft and the man on the ground for the
    > company's trustworthy computing initiative.
    
    [...]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Jun 11 2002 - 04:13:41 PDT