MS02-064 discusses a vulnerability where clicking on start->run can lead to
an unsuspecting user running another (malicious) user's trojan.
I warned MS of this back in on September 6th 1999 whilst 2k was still in
BETA (See the bottom of the following mail)
http://security-archive.merton.ox.ac.uk/bugtraq-199909/0145.html
I wonder if this is the longest time it has taken for a "fix" to be made
public after disclosure?
an unsuspecting user running another (malicious) user's trojan.
I warned MS of this back in on September 6th 1999 whilst 2k was still in
BETA (See the bottom of the following mail)
http://security-archive.merton.ox.ac.uk/bugtraq-199909/0145.html
I wonder if this is the longest time it has taken for a "fix" to be made
public after disclosure?
David Litchfield
[ reply ]