GDI Vulnerabilities: An Open Letter to Microsoft

UnderAttack writes "Tom Liston, the guy that brought us the LaBrea Tarpit, wrote an open letter to Microsoft regarding the GDI JPEG vulnerability, and Microsoft's scanning tool for this vulnerability, which he calls 'worse then useless'. Tom, who wrote his own scanning tool, ends his letter with 'Please stop treating your customers like idiots and give us information; information that we can use.' Like Tom explains, the official Microsoft scanning tool misses a lot of vulnerable DLL's installed by third parties, and Microsoft fails to explain if these libraries are a problem or not."

Re:Hate to quote a quote but...

[42sd]

I think it should be 'worse than useless'
Their you go.

Just a simple grammar error.

(..yes it was intentional.. laugh)

Re:er,

[flushtwice]

So, is Linus going to put out an advisory that there may be some random explit in the Gimp...

OK, let's get a few things straight: You start with Linux as the kernal, and Linus wrote that... Then other people (like RMS) came along and started bundling it with an OS, and we call them GNU/Linux, then still more people customized those things into distros with additional software written by completely separate entities (such as "The Gimp"), so to make a long story short: Linus is not responsible for programs like "The Gimp" ever!

It's not like Microsoft. The various distros contain software written by litterally thousands of contributors, and Linus is just one of them. He really can't even stop people from releasing modified versions of his own code so long as they follow the guidelines of the GPL.

Amusing, but...

[JustNiz]

I bet he won't get a response from anyone at Micro$oft who matters...

Re:Rules for this story

[rd_syringe]

Interesting that you completely disregarded point #3.