Roland Kaufmann <rolandat_private> writes: > > 3) Microsoft cannot fix these vulnerabilities. > (b) WM_TIMER messages are posted to the message queue and can be > filtered by the application, as stated in the documentation for > this message. The application can have a list over timers and check > this for validity. (Moral of the story: Don't trust window message > parameters any more than user input). I believe this was his point -- Microsoft cannot fix this; we have to rewrite every single Win32 application and arrange for it to maintain this list. This vulnerability strikes me as very similar to gets() -- the OS (or C library) has provided a primitive which makes it seductively easy to write insecure code. - a -- Sick of HTML user interfaces? www.xwt.org Amendment XXVIII: "thou shalt maximize thy stock price at all costs"
This archive was generated by hypermail 2b30 : Wed Aug 07 2002 - 11:24:01 PDT