The Black Hat security conference had a last-minute cancellation of a presentation by a group of researchers scheduled to reveal a dangerous software vulnerability. Organizers promoted a talk that would be on the scale of the flaw in the DNS (Domain Name System) highlighted by a security researcher at Black Hats U.S. conference in July 2008.
The flaw is so sensitive that even revealing the vendor affected could potentially cause hackers to start poking around with applications or operating systems to try to figure it out, said Black Hats CEO. The unnamed vendor has told the researchers that it could have a patch ready in a month or so, but it could take as long as four months. http://www.pcworld.com/businesscenter/article/163253/black_hat_supertalk_halted _due_to_vendor_concerns.html OK, we have a really, really, serious bug, and it's going to take up to four months to get a patch out. Any bets on the vendor? :-) ====================== (quote inserted randomly by Pegasus Mailer) [email protected] [email protected] [email protected] It is better, of course, to know useless things than to know nothing. - Seneca http://victoria.tc.ca/techrev/rms.htm http://blog.isc2.org/isc2_blog/slade/index.html http://twitter.com/rslade http://blogs.securiteam.com/index.php/archives/author/p1/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
