From: Harvey Newstrom (mail@HarveyNewstrom.com)
Date: Thu Apr 05 2001 - 17:23:34 MDT
Eugene Leitl [mailto:eugene.leitl@lrz.uni-muenchen.de] wrote,
> ---------- Forwarded message ----------
> From: Jamie McCarthy <jamie@mccarthy.vg>
>
> Well, that's the problem. It's almost like Microsoft wants its users
> to be vulnerable.
Almost. It's not that Microsoft wants its users to be vulnerable, but
Microsoft does want these holes on users systems. This is because these are
not bugs, they're features. Microsoft products actually use these features.
Almost all Microsoft products will execute remote commands. The e-mail will
run commands sent to it. The WordProcessor will execute commands in a
document. The SpreadSheet will execute commands in a spreadsheet. And
their browser will execute commands from a remote website. Fixing these
holes actually breaks a lot of Microsoft features. Most of Microsofts
automatic upgrade facilities, automatic web publishing facilities, automatic
project updates between PC's, etc., use these remote commands to modify data
on remote PCs. They don't want most users to patch these holes, because
that would break a lot of functionality within their products.
-- Harvey Newstrom <http://HarveyNewstrom.com> <http://Newstaff.com>
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 08:06:51 MST