Wednesday, August 12, 2009

M$ must patch

sans considered Microsoft August 2009 Black Tuesday Overview

plenty of awful vulnerabilities:

perhaps the worst one would be ATL (Active Template Library)

It is interesting that someone had already formed a theory in regards to MSVIDCTL.DLL

<snip>
This is a cute little bug. First of all, it is a beautiful example of a single excess "&" in the source code. But what is most amusing about this bug is the centrality of it
we have here is a bug in a component that is used fairly widely, and that has the property of being statically linked

<snip>

it affects many things, third party apps, including also M$ own outlook & windows media player.

Interestingly, this vulnerabilty has been patch in MS09-034 for IE.

Labels:

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home