Forwarded from: Andrew Weaver <Andrew.Weaverat_private> Hmmm... So their "quickfix" is to set the insecure off by default. OK, but what if I need the feature? Are they going to fix it or not? > -----Original Message----- > From: InfoSec News [SMTP:isnat_private] > Sent: Monday, June 10, 2002 1:13 PM > To: isnat_private > Subject: [ISN] Old code in Windows is security threat > > http://news.com.com/2100-1001-934363.html?tag=fd_top > > By Robert Lemos > Staff Writer, CNET News.com > June 9, 2002, 11:00 PM PT > > Microsoft will more quickly retire old code in its Windows operating > system and other software as a result of the company's > four-month-old "trustworthy computing" initiative, the company's > lead bug basher said in an interview. > > The revelation follows last week's warning that a serious > vulnerability in Microsoft's Internet Explorer occurred in the > software supporting a decade-old protocol that has rarely been used > since the World Wide Web became popular. > > "A lot of the (coming) design changes are to remove this feature or > turn that one off by default," said Steve Lipner, director of > security assurance for Microsoft and the man on the ground for the > company's trustworthy computing initiative. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jun 11 2002 - 04:13:41 PDT