[funsec] MSN (or should that be "msn") goofs again
nick at virus-l.demon.co.uk
Sat Sep 23 18:31:34 CDT 2006
I've just posted this to Full-Disclosure, but it's apposite here and I
think some of you now don't track F-D...
Read this from the Kaspersky Analysts' Diary:
Weep, laugh, /., etc as is your wont...
Given the "obvious fix" to folk capable of making such a mistake in the
first place, one might almost expect that, once it's fixed, "pIF" or
"Pif" or "PiF" or "pIf", etc would still work.
It's a good thing that Michael Howard and the boys have been wrastling
security and code-quality concepts into the softies for most of this
century -- imagine how bad things might be if they hadn't a been...
More information about the funsec