[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <43FB1967D03EC7449A77FA91322E364814400B@SVL1XCHCLUPIN01.enterprise.veritas.com>
Date: Tue, 3 Jan 2006 09:04:55 -0800
From: "Peter Ferrie" <pferrie@...antec.com>
To: <bugtraq@...urityfocus.com>
Cc: "FunSec \[List\]" <funsec@...uxbox.org>, full-disclosure@...ts.grok.org.uk
Subject: RE: WMF round-up, updates and de-mystification
>In this URL you can find the best write-up I have seen on the WMF issue:
>http://blogs.securiteam.com/index.php/archives/167 <http://blogs.securiteam.com/index.php/archives/167>
>By Matthew Murphy at the "Securiteam Blogs".
And yet, he calls it a bug, which it isn't.
It's actually a feature, it has legitimate purposes, and has been present in Windows for 15 years, and people are noticing only now just what you can do with it.
While I'm not defending Microsoft here, since I think that it was a poor design in the first place, let's at least get that part right.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists