[25776] in bugtraq
Re: Microsoft releases critical fix that breaks their own software!
daemon@ATHENA.MIT.EDU (mattmurphy@kc.rr.com)
Thu Jun 13 20:11:03 2002
Date: 13 Jun 2002 22:08:47 -0000
Message-ID: <20020613220847.13609.qmail@www5.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: <mattmurphy@kc.rr.com>
To: bugtraq@securityfocus.com
In-Reply-To: <009301c2129f$58ff1f90$3701a8c0@stingray>
>What classic MS, their newest critical alert dealing with the Gopher Root
>Vulnerability discussed on Security Focus last week
>[http://online.securityfocus.com/news/464] seems to break windows media
>player.
>
>Is there any validity to this- and, does their fix work?
>
>More info on the microsoft critical alert:
>http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/
>bulletin/MS02-027.asp
>More info on the breakage: http://www.pivx.com/workaround_fail.html
Not a bit of validity to this; WMP 7.1 successfully initialized and did
not give any errors (fresh install), with the Gopher proxy set to
localhost:1. BTW I don't think it was MS that proposed the proxy
workaround, that was Online Solutions (http://www.solutions.fi/) that did
that. I sent an e-mail to PivX concerning a *multitude* of inaccuracies
and omissions from their "Gopher Smoker" workaround. No response from
PivX on that. I will have to investigate this, but doesn't installing
such a fix like "Gopher Smoker" invalidate support contracts?
