[Dshield] WMF Ilfak Guilfanov workaround

Ed Truitt ed.truitt at etee2k.net
Sun Jan 1 20:43:37 GMT 2006


I am thinking that MSFT, as well as other vendors, conducts their QA testing in parallel - in other words, they test for all supported platforms at the same time.

Remember, even though the code bases aren't identical, they *are* similar.

-EdTr.
-----Original Message-----
From: "stu" <secmail at patchsupplier.dyndns.org>
Date: Sun, 1 Jan 2006 19:34:26 
To: "General DShield Discussion List" <list at lists.dshield.org>
Subject: Re: [Dshield] WMF Ilfak Guilfanov workaround

Yes I appreciate what you're saying, and I am actually a fan of
Microsoft, I think it was you that told me about the amount of testing
they have to go through. Would it not be easier for them to release
individual patches per platform rather than a one for all? 

Such as when a patch for 2003 has been tested release it, instead of
waiting for patches for 98, 2000, XP and 2003 to be tested before
releasing?

-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Roger A. Grimes
Sent: 01 January 2006 17:13
To: General DShield Discussion List
Subject: Re: [Dshield] WMF Ilfak Guilfanov workaround

stu wrote:
> It's a sad day when patches have to come from the community instead of
> the vendor :)

Microsoft will have a patch out as quickly as it is possible for them to
do it. They have already issued multiple workaround suggestions, and I'm
sure are already working on the patch. This bug is pretty huge, for
them, affecting all platforms, so the regression testing work will be as
large for them as it could be. Talking to their teams before, I know
that even simple patches require 100's to 1000's of individual tests.
It's just not something that can be done in a day or two.

I'm not cutting them a break for the bug, but I'd rather have a solid,
well-tested patch, and not a buggy incremental fix.

In the interim, it also gives administrators an opportunity to begin
another round of end-user education, giving a real-time example of how
clicking on untrusted emails and links can lead to bad things. Somehow,
I suspect this is just a precursor of things to come in 2006, as the
crimeware gets more aggressive.

Roger

*******************************************************************
*Roger A. Grimes, Banneret Computer Security, Consultant 
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: roger at banneretcs.com
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
******************************************************************


Cheers,
-E D Truitt

Sent via my BlackBerry from Cingular Wireless

