, SecurityFocus 2005-05-10
The software giant releases the first of its security advisories, aiming to provide information about security incidents and software updates that could help customers protect their Windows-based networks.
Expand all |
Post comment
No prescriptive guidance, whatsoever, for any of the myriad, publicly known, but as yet, unpatched vulns in MS OSes and apps.
What we got was: 1) an admonition to update to the latest patched versions of Windows Media Player and 2) pros/cons about implementing *non-RFC-compliant* "TarPit" for Win2k3 SP1 SMTP.
Very Unimpressive.
Even if MS was never going to turn over a new leaf (with regard to proactively providing interim, workaround advice relative to publicly known, but as yet, unpatched vulns in its software), MS *could have* at least included an announcement of the release of "WPA2" for WinXP, the download of which MS classifies as a "Security Update."
WPA2, which MS claims is "100% 802.11i compliant" could be a very good thing. It's supposedly available in a (static key) "Home" implementation and also in a full, industrial-strength "Enterprise" implementation.
I think this could be a Very Good Thing. (Thank you, MS!!!)
"WPA2" was packaged for distro circa 29-Apr-2005 and the docs and a redacted case study are available effective 10-May-2005.
How can a development like "WPA2" not merit any direct mention in the May MS Security Bulletin or the May MS Security Advisory???...
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11132/31885#31885