[Full-disclosure] Security Bug in MSVC
Stan Bubrouski
stan.bubrouski at gmail.com
Tue Jan 17 22:57:14 GMT 2006
On 1/17/06, ad at heapoverflow.com <ad at heapoverflow.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I think ms wont fixe any bug in vstudio, I have told them if they will
> fix the vs2005 issue published recently and they said me exactly what
> is on your support page:
>
> "Only open project files that come from trusted sources."
>
Yeah but hasn't it always been the case that you can execute pretty
much anything from a msvs project file anyways?
>
> or "Only open WMF files that come from trusted sources." would have
> been less effort than releasing a patch then lol :D
>
-sb
Full-Disclosure is hosted and sponsored by Secunia.