| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.58.0402111049220.28270@23.org> From: chs at 23.org (CHS) Subject: Microsoft credit policy (was: EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption) On Wed, 11 Feb 2004, Spiro Trikaliotis wrote: > http://www.microsoft.com/technet/security/bulletin/policy.asp here's my favorite quote: "The Response Center investigates all reported security vulnerabilities in Microsoft products. When we find a vulnerability, we develop a patch as quickly as possible and broadly disseminate information about the vulnerability, the risk it poses, and what customers can do to protect themselves against it." hehe, yeah. right. while not EXACTLY a lie, it's not EXACTLY the truth, either. "quickly as possible" could mean a year because they gave no time frame. "broadly disseminate information" could also just mean that they post information on their website, but you still have to go LOOKING for that information. I really love legal-speak. > Isn't it a good advertisement to be mentioned in Microsoft's Knowledge > Base? absolutely. ---- -- http://www.23.org/~chs/ -- AIM/AOL: bdsmchs ----------------------------------------------------------------------------- "Among the many misdeeds of the British rule in India, history will look upon the act of depriving a whole nation of arms, as the blackest." Mahatma Gandhi -----------------------------------------------------------------------------
Powered by blists - more mailing lists