Comment Re:More information on the vulnerability (Score 1) 226
http://www.ntbugtraq.com/default.asp?pid=36&sid=1& A2=ind0403&L=ntbugtraq&O=D&F=P&P=1 313
is a full description about just what MS is fixing with MS04-009, and how it might be expolited, by its discoverer, Jouko Pynnonen. Please note that he knew that "Outlook Today" didn't have to be your Outlook startpage before MS's revision. Does MS not run their patches by the discoverers of the exploits to see if the patch actually fixes the reported probelm?
He reported the exploit to MS on July 21, 2003, for those who are keeping track.
And he says some prior versions of Outlook are vulnerable, just not supported by MS. Office2000 had a patch released for it in like November '03. Thanks for running the meter out, Mr. Bill.
There's always some wannabes at work who insist on using Outlook, though it's not our supported mail client. Since it's included with Office, the customer-oriented chiefs say they can have it. Shudder.
is a full description about just what MS is fixing with MS04-009, and how it might be expolited, by its discoverer, Jouko Pynnonen. Please note that he knew that "Outlook Today" didn't have to be your Outlook startpage before MS's revision. Does MS not run their patches by the discoverers of the exploits to see if the patch actually fixes the reported probelm?
He reported the exploit to MS on July 21, 2003, for those who are keeping track.
And he says some prior versions of Outlook are vulnerable, just not supported by MS. Office2000 had a patch released for it in like November '03. Thanks for running the meter out, Mr. Bill.
There's always some wannabes at work who insist on using Outlook, though it's not our supported mail client. Since it's included with Office, the customer-oriented chiefs say they can have it. Shudder.
