>>Sure am glad you put that notice in there, here I was getting all hot and bothered that you were giving people a road map to the exploit. Here I was wondering why a security vendor would be increasing the risk model by releasing details which will save the "bad guys" weeks of research on the day of the patch release, giving the "good guys" even less time to regression test this patch in their environment and mitigate any harmful side effects.<<
Why is that such a problem when you don't seem to care that both eeye and Microsoft have had full remote anonymous access to all your Windows systems for the past 5 months? Kinda handy if a vendor could just walk into your billing system to see how much you bill each month so they could figure out how much to charge you... Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
