lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4612A27A.60007@pacbell.net>
Date: Tue, 03 Apr 2007 11:52:42 -0700
From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@...bell.net>
To: stefan.kelm@...orvo.de
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: More information on ZERT patch for ANI 0day

Hardly.

Don't remember that last Zero day in 2006 do you?
http://www.eweek.com/article2/0,1895,2019162,00.asp

The Zert folks have coded up zero day patches before (VML and WMF 
anyone?) and are folks actively out in the community.  While I'm not 
ready yet to install third party patches on systems, I admire them for 
the community need that they are reacting to.  Gadi and the crew work 
hard and have my respect for their efforts.

If you are willing to evaluate the eEye patch, Zert's should be higher 
on your list as well since reportedly it works better than eEye's.

Regardless it's a moot point.  The real patch is out.
Install that one.  It's on Windows update now.

Stefan Kelm wrote:
>> Hi, more information about the patch released April 1st can be found here:
>>
>> http://zert.isotf.org/
>>
>> Including:
>> 1. Technical information.
>> 2. Why this patch was released when eeye already released a third party
>> patch.
>>     
>
> Has anyone actually checked what this patch does? Who are ZERT and
> ISOTF respectively ("About ISOTF" at http://www.isotf.org/?page_value=0
> says a lot...)?
>
> ...or is this an April Fool's joke?
>
> Cheers,
>
> 	Stefan.
>
>   

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ