Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | Microsoft Downplays VLM Vulnerability |
|---|
Categorie: Vulnerability
Posted: 2006-09-26 by ReSiDeNt
Views: 2857
| Current Rating: Not rated
|
| | Details |
|---|
 Scott Deacon, with the Microsoft Security Response Center has posted an entry on the homonym blog, downplaying the evolution of exploits related to the Internet Explorer and Outlook
vector markup critical vulnerability. In what he calls a "quick entry on the VML issue", Deacon aimed to deliver a relaxed update of Microsoft's perspective on the VML issue. "Attacks remain limited. There's been some confusion about that, that somehow attacks are dramatic and widespread. We're just not seeing that from our data, and our Microsoft Security Response Alliance partners aren't seeing that at all either. Of course, that could change at any moment, and regardless of how many people are being attacked, we have been working non-stop on an update to help protect from this vulnerability," stated Deacon.
Deacon added that Microsoft is considering a potential release of the security bulletin, outside of the monthly patch cycle. In this context, provided that the security update will meet the requirements for widespread deployment, the Redmond Company will issue it in advance of the initially announced release date of October 10, 2006. Deacon also commented on the independent security update released by ZERT to address the VML vulnerability, and - while welcoming the initiative - he did state that as Microsoft is not involved, the Redmond Company doesn't guarantee or endorse the third party update.
"The good news here is that around 24-48 hours ago we began to see we have the possibility of going out of band here and we will keep you posted as we go. The primary driver here is quality and protecting customers, not adherence to the monthly schedule. During each engineering process, especially for an update regarding an issue that is being exploited, we evaluate where we are in the testing on a constant basis. We've become more confident in the past couple of days in our ability to do an out of band release," revealed Deacon.
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1683
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
