In association with heise online

18 October 2007, 15:10

Unofficial Windows URI patch flawed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In a somewhat shame-faced posting to Full Disclosure, KJK::Hyperion reports a bug in his original unofficial patch for the URI vulnerability, for which Microsoft finally accepted responsibility a week ago. In his own words, "I just found a gruesome memory leak in it. A silly bug, brown paperbag-grade shame." However, he has already posted a new version that supposedly fixes this problem, although independent patches such as this must always be treated with extreme caution. Meanwhile we still await an official solution from Microsoft.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit