On Fri, 27 Aug 2010 01:29:32 EDT, Dan Kaminsky said: > Again, let me emphasize. Really interesting vector, will probably end up > attached to an unambiguous flaw. But right now, we're just seeing flaws > along the lines of "Double clicking an icon in Explorer might execute > arbitrary code". It doesn't matter that that's true even if there's a > network share, or a USB stick. That's what Explorer *does*. And as I said, a fix that starts off with "First thing we do is feed Explorer to a pack of hungry dingos" won't fly with Joe Sixpack. ;)
Attachment:
pgpNJbVl_HD5g.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/