lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <9E97F0997FB84D42B221B9FB203EFA273F2E5D@dc1ms2.msad.brookshires.net>
From: toddtowles at brookshires.com (Todd Towles)
Subject: IE is just as safe as FireFox

The first patch for ADODB.stream was just a killbit..and the killbit
only stopped the current attack vector...in a manner of seconds, there
was a second exploit that passed the so called first patch. Stupid, they
think everything is as stupid as their main market.

The problem with IE is its connection to the OS...if you break IE you
break the OS...Microsoft can't clean up the browser without breaking the
OS...then they would have to do a complete secure rebuild. Ohhh..we
wouldn't want to do that..lol 

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Des Ward
> Sent: Friday, November 12, 2004 2:39 AM
> To: full-disclosure@...ts.netsys.com
> Cc: Ring-of-Fire@...oogroups.com
> Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
> 
> Other browsers may have problems, and often do (In the case 
> of Firefox say) but the time to respond is key here. MS have 
> a real problem going that extra mile when it comes to 
> patching against variants of a vulnerability (ADODB.stream, 
> shell: etc).
> 
> Mosl software has vulnerabilities at some stage, it's how you 
> deal with it.
> -----Original Message-----
> From: "Todd Towles" <toddtowles@...okshires.com>
> Date: Thu, 11 Nov 2004 15:59:20
> To:"Mailing List - Full-Disclosure" <full-disclosure@...ts.netsys.com>
> Cc:<Ring-of-Fire@...oogroups.com>
> Subject:  [Full-Disclosure] IE is just as safe as FireFox
> 
> Microsoft's security and mangement product manager (Ben 
> English) says...
> 
>  At a security roundtable discussion in Sydney on Thursday, 
> Ben English, Microsoft's security and management product 
> manager, told attendees that IE undergoes "rigorous code 
> reviews" and is no less secure than any other browser. 
> 
> "Because IE is ubiquitous, you hear a lot more about it, but 
> I don't think that Internet Explorer is any less secure than 
> any other browser out there," English said. 
> 
> http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/
> 2100-1032_
> 3-5448719.html?part=dht&tag=ntop&tag=nl.e433
> 
> Can anyone say IFRAME? Lol
> 
> -Todd
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> ---
> Sent via XDAII BlackBerry
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ