| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8C70DBCB4CCFFAD-B74-1CAAB@mblk-d27.sysops.aol.com> Date: Tue Apr 12 22:21:46 2005 From: mcbain at aol.com (mcbain@....com) Subject: How to Report a Security VulnerabilitytoMicrosoft i guessing the *'s are sarcasm or flaming so let me respond. did i say "never" ?? no. I personally have only been effected once _severely_ after patch Tuesday. But think about it, the testing scenarios that exist on planet earth can not possibly be even accounted for let alone tested in Redmond. -----Original Message----- From: Valdis.Kletnieks@...edu To: mcbain@....com Cc: guninski@...inski.com; full-disclosure@...ts.grok.org.uk Sent: Tue, 12 Apr 2005 17:11:26 -0400 Subject: Re: [Full-disclosure] How to Report a Security VulnerabilitytoMicrosoft On Tue, 12 Apr 2005 17:00:46 EDT, mcbain@....com said: > Also, they do not "patch" they find the root of the problem which adds more time. This explains why we *never* *ever* see stuff 2 days after Patch Tuesday where people are reporting "this slight variant still works" because Microsoft always gets to the *root* of the problem and fixes it *right*, rather than just fixing the one already-known manifestation.... -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050412/bebc70cf/attachment.html
Powered by blists - more mailing lists