writes "Almost a year ago (December 2008), I reported a bug to Google concerning incorrect preview generation for TIFF images in GMail. The problem is that at least for some TIFF files (one such file is linked in the blog; you can use it to test my report) GMail generates a new preview every time this file is sent, and this preview doesn't correspond to the contents of the file I sent in any way. Rather, I see previews of photos (sometimes pretty embarrassing) apparently made by other users. Downloading the attached image works okay though. Get the word to Google to have the vulnerability fixed ASAP!
Disclaimer: Yes, I am the author of the blog linked. No, I have no idea why this file causes such behavior."Link to Original Source
writes "The Inquirer tells us that Microsoft has posted details on a vulnerability (or rather, a feature) in IIS 5.0 that allows an anonymous user to bypass authentication and access documents he shouldn't be able to. The good part: they've already taken down the specifics of the exploit. The bad part: they claim that this behavior is by design, and the only way to fix it is to upgrade to IIS 6.0, which is shipped only with Windows Server 2003, the cheapest edition of which costs only $399. Isn't this called "money extortion"?"Link to Original Source