Re: [Full-disclosure] Steve Gibson smokes crack?

[Georgi Guninski <guninski@xxxxxxxxxxxx>]

according to sister wiki:
http://en.wikipedia.org/w/index.php?title=Windows_Metafile_vulnerability&oldid=35107479
---
The vulnerability was first discussed in the computer security community
around 26 and 27 December 2005,
---

this date is quite close to Christmas (at least the orthodox one).

so may this be a christmas present of some kind?

this is an interesting confession from a m$ certified solitaire expert:
http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx
------
Welcome to the Microsoft Security Response Center Blog!

The Microsoft Security Response Center works every day to help protect
customers from vulnerabilities in software.
...
To detail it a little bit, SetAbortProc functionality was a needed component
in the graphics rendering environment for applications to register a callback
to cancel printing, before even the WMF file format existed.  Remember, those
were the days of co-operative multitasking and the only way to allow the user
to cancel a print job would be to call back to them, usually via a dialog.
...
-----

looks like even modern windows (tm)(r)(inc) bears the burden of
"cooperative multitasking" in its large trustworthy codebase.

so is this a patch over a workaround over a kludge over 
cooperative multitasking over standing 2 bits of competition?
(people who have (ab)used cooperative multitasking are more likely to get
the idea).


-- 
where do you want bill gates to go today?



On Fri, Jan 13, 2006 at 10:33:22AM -0800, Morning Wood wrote:
> http://aolradio.podcast.aol.com/sn/SN-022.mp3
> 
> claiming SetAbortProc() was a purpose placed backdoor...
> 
> *puff*puff*


EOM



























































_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/