MS said: "Microsoft is concerned that this new report of a vulnerability in Internet Explorer was not disclosed responsibly, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed."
http://www.microsoft.com/technet/security/advisory/906267.mspx chaotic :> >>do you have a test page? >No. We used the public exploit to generate a specially crafted page. > > >Best regards, >FrSIRT / French Security Incident Response Team 24/7 >http://www.frsirt.com >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.4.1 (MingW32) >Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > >iD8DBQFDBew5OjxwThxio44RAoWgAJ9k5+qAasePjIG8OaOe2AFjBKsvjQCfVFuD >I0Yc2oleSNh/jqc8lKRxQp8= >=CAvW >-----END PGP SIGNATURE----- **************************************************************** KEY: 0xA7C69C5F PRINT: 694C 3495 BCC4 2F8B D794 6BD4 AF8B 457B A7C6 9C5F **************************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
