| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 03 Apr 2007 11:52:42 -0700
From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@...bell.net>
To: stefan.kelm@...orvo.de
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: More information on ZERT patch for ANI 0day
Hardly.
Don't remember that last Zero day in 2006 do you?
http://www.eweek.com/article2/0,1895,2019162,00.asp
The Zert folks have coded up zero day patches before (VML and WMF
anyone?) and are folks actively out in the community. While I'm not
ready yet to install third party patches on systems, I admire them for
the community need that they are reacting to. Gadi and the crew work
hard and have my respect for their efforts.
If you are willing to evaluate the eEye patch, Zert's should be higher
on your list as well since reportedly it works better than eEye's.
Regardless it's a moot point. The real patch is out.
Install that one. It's on Windows update now.
Stefan Kelm wrote:
>> Hi, more information about the patch released April 1st can be found here:
>>
>> http://zert.isotf.org/
>>
>> Including:
>> 1. Technical information.
>> 2. Why this patch was released when eeye already released a third party
>> patch.
>>
>
> Has anyone actually checked what this patch does? Who are ZERT and
> ISOTF respectively ("About ISOTF" at http://www.isotf.org/?page_value=0
> says a lot...)?
>
> ...or is this an April Fool's joke?
>
> Cheers,
>
> Stefan.
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists