Slashdot Mirror


Microsoft Flip-Flops On URI Protocol Handing Flaw

a-twitter writes "After months of insisting there is nothing to patch, Microsoft has done a complete 180 on the URI protocol handling vulnerability, announcing in a security advisory that a Windows update will be released to revise URI handling code within ShellExecute() to be more strict. The MSRC blog explains the background and offers more details on this issue."

1 of 126 comments (clear)

  1. Firefox? by Erris · · Score: 1, Troll

    They're fixing other applications (Firefox in this case)

    Did you really say and believe that? Congratulations, you have outdone M$ themselves. Let's review:

    • the problem happened if you installed IE7, not before.
    • M$ has just admitted their mistaken way of dealing with urls in XP and 2003.

    How is that Firefox again? Yes, I saw in the recap where "MSRCTEAM" mentions their previous friendly blame cast, I mean "advice", to the Firefox team. Can you tell me how that intersects reality again?

    --
    DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.