lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4b6ee9310812190650i4a310f0ch880fbc2b6dc460fb@mail.gmail.com>
Date: Fri, 19 Dec 2008 14:50:00 +0000
From: n3td3v <xploitable@...il.com>
To: n3td3v <n3td3v@...glegroups.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Microsoft issues out-of-band patch

"The software giant rushed out a fix for the security issue in eight
days, following its discovery that online criminals were using the
flaw to attack Internet users."

http://www.securityfocus.com/brief/873

This is because they usually hold back disclosure and patch release so
the intelligence services can backdoor criminal and terrorist pc's.

We're not saying Microsoft has never been capable to release a patch
in eight days, we're saying there is an agreement with the government
not to, unless a flaw is publicly known and is affecting the
internet-at-large.

There are a ton of zero-day that Microsoft and the government know
about and are used for intelligence purposes, they are kept secret
unless the public know about it and the zero-day becomes a threat to
the government.

Though the fact is this, MI5 have zero-day that not even Microsoft
know about and not only this, MI5 have their systems patched against
flaws that are not known about by other entities.

What i'm saying is this: MI5's systems are patched against flaws that
only they know about and their technicians have developed their own
in-house patches for them.

If that isn't impressive I don't know what is.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ