| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat Jan 14 19:11:37 2006 From: guninski at guninski.com (Georgi Guninski) Subject: Steve Gibson smokes crack? according to sister wiki: http://en.wikipedia.org/w/index.php?title=Windows_Metafile_vulnerability&oldid=35107479 --- The vulnerability was first discussed in the computer security community around 26 and 27 December 2005, --- this date is quite close to Christmas (at least the orthodox one). so may this be a christmas present of some kind? this is an interesting confession from a m$ certified solitaire expert: http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx ------ Welcome to the Microsoft Security Response Center Blog! The Microsoft Security Response Center works every day to help protect customers from vulnerabilities in software. ... To detail it a little bit, SetAbortProc functionality was a needed component in the graphics rendering environment for applications to register a callback to cancel printing, before even the WMF file format existed. Remember, those were the days of co-operative multitasking and the only way to allow the user to cancel a print job would be to call back to them, usually via a dialog. ... ----- looks like even modern windows (tm)(r)(inc) bears the burden of "cooperative multitasking" in its large trustworthy codebase. so is this a patch over a workaround over a kludge over cooperative multitasking over standing 2 bits of competition? (people who have (ab)used cooperative multitasking are more likely to get the idea). -- where do you want bill gates to go today? On Fri, Jan 13, 2006 at 10:33:22AM -0800, Morning Wood wrote: > http://aolradio.podcast.aol.com/sn/SN-022.mp3 > > claiming SetAbortProc() was a purpose placed backdoor... > > *puff*puff* EOM
Powered by blists - more mailing lists