On Wed, Aug 02, 2000 at 23:45 +0200, Thilo Bangert wrote:
Second, one needs to mention all the bugs Microsoft fixes without the public being aware of such. Just today there has been a post on bugtraq proclaiming a w*n2k bug. It took microsoft *4* minutes to post a message, saying that a patch for excactly this vulnerability was available.
Not that I'm sure how this one went, but it's usual (I hope so) and good habit to talk to an author before blaming him in public when finding security related bugs. So the problem report *and* a work around or real fix update come together with still due credit to whoever had which part in this. Everything else will leave the _users_ behind with a vulnerable system and no cure, while kiddies and other idiots know where to go to and burgle in. It's about thinking before taking wild action. :)
Besides I don't want to know how many bugs win2ksp1 fixes (its 87 megs big!)
This could be mostly due to the delivery being done in binary form. The source diff might be tiny, but when it's in the base and almost every executable is involved, ... Not that I'm a Windows fan (the ones knowing me know better:), but there might be valid reasons. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.