is it just me or can you not conceive of anyway to protect yourself now that you do know about the problem? forewarned is forearmed. -------------------- Benjamin Smee Technical Specialist Optus Business Operations (NAC) "YES" OPTUS ben.smeeat_private Tel: +61-2-93420091 Fax: +61-2-93420998 Perilous to all of us are the devices of an art deeper than we possess ourselves. -- Gandalf the White > -----Original Message----- > From: Mariusz Mazur [mailto:mariuszat_private] > Sent: Friday, 23 November 2001 6:10 AM > To: vuln-devat_private > Subject: Re: [ALERT] Remote File Execution By Web or Mail: > Internet Explorer > > > On 2001-11-21 hush.little.babyat_private wrote the folowyng: > > [moderator: since this will probably cause many people to > start the nda vs full disclosure debate so I guess you won't > let it trough. So if you don't, it would be nice to give a > tip to the list.] > > > Ok... So we know that there is a bug... It's a critical one, > ppl can "turn it off" by editing something in the registry > and Microsoft is working hard to fix it. Oh... and we know > that for the next 60 days some people can cause some damage > to me and I have no way to protect myself. > > Is this just me or maybe more people think that releasing > this "advisory" (though this should be called "intimidator") > was completely irresponsible and plain stupid? > > > hlbhc> -----BEGIN PGP SIGNED MESSAGE----- > > hlbhc> NOMEN NESCIO SECURITY ALERT #9000989 666 > > hlbhc> Topic: Remote File Execution By Web or Mail: Internet Explorer > > hlbhc> Severity: Critical > > hlbhc> Datum: 2001-11-21 > > ---snip--- > > > > -- > Mariusz Mazur > "One Ring to bring them all and in the darkness bind them" > rem begin JenniferLopez_Naked.jpg.vbs :) > > >
This archive was generated by hypermail 2b30 : Thu Nov 22 2001 - 21:55:21 PST