[17955] in bugtraq
Another tidbit about the new Microsoft advisory format
daemon@ATHENA.MIT.EDU (Richard M. Smith)
Fri Dec 8 00:18:10 2000
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <ONEILKPECNHHJLENAGFMAEJFDGAA.rms@privacyfoundation.org>
Date: Wed, 6 Dec 2000 15:34:30 -0500
Reply-To: "Richard M. Smith" <rms@PRIVACYFOUNDATION.ORG>
From: "Richard M. Smith" <rms@PRIVACYFOUNDATION.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <3A2D2F40.B360380C@ursine.com>
Hello,
One thing that I noticed about the new Microsoft
security bulletins is that they now contain Web bugs. The bugs
look like they are used to count the number of people coming
to read the bulletins. Here is the URL for one of these bugs:
http://c.microsoft.com/trans_pixel.asp?source=www&TYPE=PV&p=technet_security
_bulletin
I didn't see a <IMG> tag for the bug, so I'm assuming
it is generated by one of the JavaScript files included
on the page.
One thing that Microsoft is learning here is what
bulletins people consider important. With the older format,
where all the info was in an email message, they
did not get this feedback.
I don't see the use of Web bugs here as a big deal,
but still interesting.
Richard
