Forwarded from: Andrew Weaver <Andrew.Weavertecnomen.fi>

Hmmm... So their "quickfix" is to set the insecure off by default. OK, but
what if I need the feature? Are they going to fix it or not?

> -----Original Message-----
> From: InfoSec News [SMTP:isnc4i.org]
> Sent: Monday, June 10, 2002 1:13 PM
> To: isnattrition.org
> Subject: [ISN] Old code in Windows is security threat
>
> http://news.com.com/2100-1001-934363.html?tag=fd_top
>
> By Robert Lemos
> Staff Writer, CNET News.com
> June 9, 2002, 11:00 PM PT
>
> Microsoft will more quickly retire old code in its Windows operating
> system and other software as a result of the company's
> four-month-old "trustworthy computing" initiative, the company's
> lead bug basher said in an interview.
>
> The revelation follows last week's warning that a serious
> vulnerability in Microsoft's Internet Explorer occurred in the
> software supporting a decade-old protocol that has rarely been used
> since the World Wide Web became popular.
>
> "A lot of the (coming) design changes are to remove this feature or
> turn that one off by default," said Steve Lipner, director of
> security assurance for Microsoft and the man on the ground for the
> company's trustworthy computing initiative.

[...]

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.
-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]