Why did Microsoft wait 7 years to fix SMBRelay attack flaw?

TalkBack 1 of 70:: Next »

Thread View
Flat View

Sour over mis-predicting the patches this month?: First off, does anyone proof-read these posts? Multiple typos/grammatical errors make it look like this was rushed out... Anyway.

Mentioning the token-kidnapping issue makes me wonder if Ryan is sour that his patch prediction (on Twitter) was wrong?; Posted by: cypherpunk@... Posted on: 11/12/08 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Sour over mis-predicting the patches this month? cypherpunk@... | 11/12/08

prediction Ryan Naraine

| 11/12/08

So what was your solution? GuidingLight | 11/12/08

Fix it! TripleII | 11/12/08

I agree with your assessment 914four | 11/12/08

Erm ... nope! de-void | 11/13/08

Did you get it? daengbo | 11/13/08

Still doesn't change the the issue Pliny the Elder | 11/12/08

That depends. 914four | 11/14/08

One Size Fits All Yagotta B. Kidding | 11/12/08

Well, they were busy 914four | 11/12/08

You do know what SMB is, right? de-void | 11/13/08

Get real fr0thy2 | 11/18/08

You don't.... Sleeper Service | 11/12/08

Sour over MS's security incompetence more like it.. AzuMao | 11/12/08

Twitter? Resuna | 11/14/08

Statistics Yagotta B. Kidding | 11/12/08

What forest? kozmcrae | 11/12/08

Ryan is Archie Bunker FireThorn | 11/12/08

The answer is so very simple Einstein! Linux User 147560 | 11/12/08

It's a legitimate question. ye | 11/12/08

Has WEP been fixed? NonZealot | 11/12/08

Then perhaps... Stuka | 11/12/08

Um, they did NonZealot | 11/12/08

Diid I miss something? mdsock@... | 11/12/08

NTLMv2 has everything to do with it NonZealot | 11/12/08

The problem is Windows still supports NTLM. ye | 11/12/08

Should we start banning insecure protocols? Marty R. Milette | 11/12/08

@Marty R. Milette: No where did I say MS should do away with NTLM. ye | 11/13/08

The NTLM issue is a bug not an inherent weakness. ye | 11/12/08

WEP thx-1138_@... | 11/13/08

Perhaps he could have... 914four | 11/12/08

Isn't fixing it MS' responsibility? davidr69 | 11/12/08

Something didn't smell right with this story NonZealot | 11/12/08

Why didn't MS pitch these solutions? davidr69 | 11/12/08

Your IT staff needs to be fired NonZealot | 11/12/08

nice post, NonZealot jacec | 11/12/08

Welcome to the real world davidr69 | 11/13/08

You don't need admin rights in a user account wolf_z | 11/13/08

RE: Why did Microsoft wait 7 years to fix SMBRelay attack flaw? ca1ic0cat | 11/12/08

RE: Why did Microsoft wait 7 years to fix SMBRelay attack flaw? rocketman67 | 11/12/08

The Bean counting Mac ad is more funny now Randalllind | 11/12/08

But they did fix it. (nt) NonZealot | 11/12/08

Yeah, like the... Media-Ted@... | 11/13/08

Whether anyone exploited the vulnerability or not Shelendrea | 11/12/08

Did you get an intrusion in these 7 years? NO qmlscycrajg | 11/13/08

did you open port TedKraan | 11/13/08

Your "journalism credentials" should be revoked. open minded | 11/13/08

AMEN dnaetoa | 11/13/08

Did I Miss The Memo? mikefarinha | 11/13/08

Not exploited because ... davidr69 | 11/13/08

Just Silly mikefarinha | 11/13/08

DOD asked MS to delay the patch. Dilberter | 11/13/08

RE: Why did Microsoft wait 7 years to fix SMBRelay attack flaw? iamanerd | 11/13/08

You'd better do your some studying... Marty R. Milette | 11/13/08

You're kidding, right? thx-1138_@... | 11/14/08

Maybe a moronic simplification... Marty R. Milette | 11/14/08

After the first sentence ... thx-1138_@... | 11/14/08

Actually, I have... Marty R. Milette | 11/15/08

A right ... thx-1138_@... | 11/16/08

nt mikefarinha | 11/13/08

What about IE iFrame Exploit? bbneo | 11/13/08

I thought Apple was slow at fixing the DNS flaw... Ed Lin | 11/13/08

Same reason Microsoft hasn't killed ActiveX Resuna | 11/14/08

Why does nobody understand the purpose? Marty R. Milette | 11/15/08

When ActiveX is bad... Raymond Danner | 11/15/08

We can agree to disagree... Marty R. Milette | 11/15/08

Yeah, and compared to Linux and distros that descend from it.... Predator106 | 11/15/08

You're probably too young to remember... Marty R. Milette | 11/15/08

There are plenty of people to complain to... Li1t | 11/15/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Meet Doc

Here to help you with your Document Management Needs
Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
Produced by
ZDNet and

Read the original story

Why did Microsoft wait 7 years to fix SMBRelay attack flaw?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Meet Doc

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads