[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MS04-004??

To: Mike Wronski <mike@wronski.net>
Subject: Re: [Full-Disclosure] MS04-004??
From: Paul Tinsley <pdt@jackhammer.org>
Date: Mon, 02 Feb 2004 18:28:21 -0600

They finally have a fix for the url spoofing problem (%00) and updated a previous IE roll up to cover it. I have seen reference to this bug being used in the wild already, which meets Microsoft's out of cycle release criteria.

Mike Wronski wrote:

Strange that MS released a security patch today and not on the schedule as promised? Any speculation as to why? -------------------------------------------------------------------- Title: Microsoft Windows Security Bulletin Summary for February 2004 Issued: February 2, 2004 Version Number: 1.0 Bulletin: http://www.microsoft.com/technet/security/bulletin/winfeb04.asp

--------------------------------------------------------------------

-M
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] MS04-004??
  - From: Mike Wronski <mike@wronski.net>

Prev by Date: RE: [Full-Disclosure] re: gnuchess 0 day
Next by Date: Re: [Full-Disclosure] Sample of Mydoom A & B
Previous by thread: [Full-Disclosure] MS04-004??
Next by thread: RE: [Full-Disclosure] MS04-004??
Index(es):
- Date
- Thread