| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ihsan.rehman at DIT24.COM.PK (Ihsan-ur-Rehman) Subject: RE: Hotmail & Passport (.NET Accounts) Vulnerability Now finally the flaw seems to be corrected. Zone-H only concern was that Muhammad Faisal Rauf Danka had written to Microsoft/Hotmail more that 10 mails from the 12th of April and he didn't receive any answer. Hotmail has been vulnerable for all this time long. Now that the flaw has been corrected, not a simple "THANK YOU" has been sent from Hotmail security staff to Muhammad Faisal Rauf Danka. As to say, don't complain too much then if whitehats are disappearing from the world surface... SyS64738 comment: How much does it take to Hotmail or Microsoft to say a simple "thank you" to the good MFRD that was constantly mailing them about this flaw that could have led to a DISASTER for Hotmail customers? This is basic education my two kids have already learned... SyS64738 post comment: I finally received from Muhammad Faisal Rauf Danka this message: ******************* "I am now as a matter of fact happy that finally the issue has been resolved Microsoft has contacted me. And things are in control." ******************* So the story had a happy end, zone-h just hopes that the next time Microsoft won't wait until the issue gets public in order to patch a reported vulnerability/flaw. Source = http://www.zone-h.org/en/news/read/id=2666/ Sincerely, Ihsan Malik.
Powered by blists - more mailing lists