Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Steve Gibson smokes crack?
From: Georgi Guninski <guninski () guninski com>
Date: Sat, 14 Jan 2006 21:11:26 +0200

according to sister wiki:
The vulnerability was first discussed in the computer security community
around 26 and 27 December 2005,

this date is quite close to Christmas (at least the orthodox one).

so may this be a christmas present of some kind?

this is an interesting confession from a m$ certified solitaire expert:
Welcome to the Microsoft Security Response Center Blog!

The Microsoft Security Response Center works every day to help protect
customers from vulnerabilities in software.
To detail it a little bit, SetAbortProc functionality was a needed component
in the graphics rendering environment for applications to register a callback
to cancel printing, before even the WMF file format existed.  Remember, those
were the days of co-operative multitasking and the only way to allow the user
to cancel a print job would be to call back to them, usually via a dialog.

looks like even modern windows (tm)(r)(inc) bears the burden of
"cooperative multitasking" in its large trustworthy codebase.

so is this a patch over a workaround over a kludge over 
cooperative multitasking over standing 2 bits of competition?
(people who have (ab)used cooperative multitasking are more likely to get
the idea).

where do you want bill gates to go today?

On Fri, Jan 13, 2006 at 10:33:22AM -0800, Morning Wood wrote:

claiming SetAbortProc() was a purpose placed backdoor...



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]