Wow... so, I'm listening to the webcast while doing my work today. I just heard him (the male presenter) say (three times now) that because some of the vulnerabilities have *not been publicly disclosed* that they are *not publicly exploitable*.
*OMFG*.
MS exploit motto?
<teasing_baby_voice> Peek-a-booo! If you can't see me, I can't see you! </teasing_baby_voice>
I guess they are just trying to reinforce their recent idea that 0dayz == NULL and only patches beget exploits. While obviously wrong, this /is/ a handy PR stance I guess. If they say it enough times, it might just become true too, right? (Developers, Developers, Developers....)
Heheheh -- Sorry, too much sugar this afternoon.
-- dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
