Agreed, I spoke a bit too fast. Peter Kruse e-mail me directly and stated the same. Thanks for pointing that out.
> -----Original Message----- > From: Larry Seltzer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, January 11, 2005 2:04 PM > To: Todd Towles; 'Mailing List - Full-Disclosure' > Subject: RE: [Full-Disclosure] FW: New Security Patches from Microsoft > > >>No IE patch, it would seem. > > No, but... > > > MS05-001 (Critical)Vulnerability in the Indexing Service > Could Allow > > Remote Code Execution (871250) Vulnerability in HTML Help > Could Allow > > Code Execution (890175) > > http://www.microsoft.com/technet/security/Bulletin/MS05-001.mspx > > > > MS05-002 (Critical) > > Vulnerability in Cursor and Icon Format Handling Could Allow Remote > > Code Execution (891711) > > http://www.microsoft.com/technet/security/Bulletin/MS05-002.mspx > > > > Both of these address problems that have been exploited through IE. > These are the ones that have gotten so much recent publicity. > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
