Daily Exploit Releases Irk Both Vendors and Crooks

← Back to Stories (view on slashdot.org)

Daily Exploit Releases Irk Both Vendors and Crooks

Posted by ryuzaki0 on Friday July 14, 2006 @10:39AM from the can't-please-anyone dept.

conJunk writes "Security Focus has an article about HD Moore's Exploit-Every-Day-in-July endeavor raising the hackles of both browser vendors and criminals. He started the project because he felt that vendors were not taking his analysis seriously enough, but he appears to be the only one enjoying it. 'Black Hats' are having their exploits exposed, and Microsoft (who bears responsibility for the majority of the browser holes) can't keep up with the pace he's setting." From the article: "The software giant indirectly criticized the release of vulnerabilities in a statement to SecurityFocus, underscoring the importance of getting customers updated before they are exposed to threats from malicious attackers. 'Microsoft continues to encourage responsible disclosure of vulnerabilities,' the software giant said in a statement sent to SecurityFocus. 'We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.'"

10 of 165 comments (clear)

No! Don't tell anyone!!! by dubmun · 2006-07-14 10:41 · Score: 5, Funny

A direct quote from the IE team over at Microsoft: "Don't tell anyone about all our holes! Then we won't have to fix them."

--
(end of post)
1. Re:No! Don't tell anyone!!! by Kesch · 2006-07-14 11:00 · Score: 5, Funny
  
  Here are the responses from the different browsers after recieving vulnerability reports:
  
  Firefox: Fixed!
  Opera: Fixed in 9.0
  IE: ...(4 months later) DUDE!? Why you have to go tattle on us!?
  
  --
  If this signature is witty enough, maybe somebody will like me.
In releated news... by Kenja · 2006-07-14 10:49 · Score: 2, Funny

I feel that there's not enough being done to curb gun violence here in Oakland Ca. So I'm going to shoot one person a day, every day, for the month of July. Any reports that I'm enjoying it are exaggerations.

--

"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
1. Re:In releated news... by Anonymous Coward · 2006-07-14 10:57 · Score: 1, Funny
  
  I feel that there is not enough being done about stupid legislators. So I'm going to pass a stupid law a day, every day, for the month of July. Any reports I'm getting huge checks under the table are lies.
Re:Or by Anonymous Coward · 2006-07-14 11:13 · Score: 5, Funny

for those of you who like to read nothing.
Re:Or by Anonymous Coward · 2006-07-14 11:40 · Score: 1, Funny

Very interesting!
Dep't of Redundancy Dept by PavementPizza · 2006-07-14 11:50 · Score: 4, Funny

Headline says: Daily Exploit Releases Irk Both Vendors and Crooks

Considering that Microsoft is the only Vendor complaining, and considering they've had months to fix all of these and didn't, the headline should be:

Daily Exploit Releases Irk Crooks

--
Viper is the preferred editor of the Emacs operating system.
Re:Or by mobby_6kl · 2006-07-14 12:34 · Score: 4, Funny

I'm intrigued by your ideas and would like to subscribe to your newsletter.
Re:Too bad these WERE reported to mickeysoft by Ohreally_factor · 2006-07-14 17:05 · Score: 2, Funny

That sounds almost like my scheme of using a magnifying glass to warn insects of the dangers from the sun's rays.

--
It's not offtopic, dumbass. It's orthogonal.
Oh NO... by Anonymous Coward · 2006-07-14 18:13 · Score: 1, Funny

...it seems like a Win-Win situation for the consumer... it must be wrong.