RE: WMF vulnerability was a deliberate backdoor?

To: "Brooks, Shane" <SBrooks@xxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: RE: WMF vulnerability was a deliberate backdoor?
From: "Alex Eckelberry" <AlexE@xxxxxxxxxxxxxxxxxxxx>
Date: Sun, 15 Jan 2006 19:58:22 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AcYYd+vNtUu4NyJ+QpCjuCZ90XiqoABwAF9w
Thread-topic: WMF vulnerability was a deliberate backdoor?

Microsoft response

http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx




-----Original Message-----
From: Brooks, Shane [mailto:SBrooks@xxxxxxxxxxxxxx] 
Sent: Friday, January 13, 2006 2:31 PM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: WMF vulnerability was a deliberate backdoor?


I've recently had my attention brought to a post from Steve Gibson in
the grc.com forums, which contains the following quote:

<snippet>
        The only conclusion that can reasonably be drawn is that this
[setAbortProc procedure] 
was a deliberate backdoor put into all of Microsoft's recent editions of
Windows. </snippet>

full article here:
http://www.grc.com/x/news.exe?cmd=article&group=grc.news.feedback&item=6
0006

thoughts?


Shane



_________________________________________________________

The information contained in this message is privileged, confidential
and 
intended only for use of the individual or entity addressed above.  If
you 
have received this communication in error, please immediately notify us
by reply and delete the same.  Thank you.

Prev by Date: [eVuln] Bit 5 Blog JavaScript Insertion Vulnerability
Next by Date: CounterPath eyeBeam Handing SIP header Vulnerabilities
Previous by thread: Re: WMF vulnerability was a deliberate backdoor?
Next by thread: MyBB 1.0.2 SQL injection
Index(es):
- Date
- Thread