New Security Flaw In Hotmail


Recommended Posts

Three weeks have passed and the problem still exists, according to Naamana. After three weeks Naamana decided to go public with the information in a hope that this will make Microsoft respond faster and fix the flaw.
And, of course, get his name recognised a little.
Link to comment
Share on other sites

Baha Naamana, who discovered this flaw reported his finding to Microsoft three weeks ago, and got a response from Microsoft Security Response Center that they will investigate the report, and they asked him not to disclose the information.

So they were looking in to it and told him not to disclose the information, and then he does? Did he wait to get a response back from them? Did he try to contact them again before making the information public?

I don't think he understands how busy MSRC is, and that he'd be doing more harm than anything else by making this information public.

Link to comment
Share on other sites

I was actually hoping this would be a good flaw, I was actually excited :shiftyninja: . Then i read it and Im like ".....another one of the 'a user has to be an idiot and click something from someone they don't know' flaws." Sure, on level it could be abused, but some of the more technical people arent going to click it unless they know who its from to BEGIN with. :rolleyes:

Link to comment
Share on other sites

Its microsoft's own fault. They have no status notification or current notification que if the issue has been resolved. It doesnt have to be anything complicated.

What do you expect, someone mentions to you a problem and you just say "ok".... what are they going to think? 99% of the time they will think, "he just ignored me". Not "Oh, they must be busy and are still working on it."

Link to comment
Share on other sites

Wow, what an ass. If nobody knows about the flaw how can it possibly be of any harm? ****ing off Microsoft by going against what they specifically said not to do won't earn him any brownie points, so why do it? Fame, recognition? Nobody is gonna remember Bananarama's name in a few weeks anyway, so his 15 seconds won't go very far.

Link to comment
Share on other sites

who still uses hotmail accounts ?

Millions of people at a guess, need u ask :p

Probably 99% of teenagers online in the uk.. you would be better asking a teenager if they dont. ;)

Link to comment
Share on other sites

It should not take so long for Microsoft to fix this problem, it's not like they need to distribute a patch to client, they just need to fix the server application.

Link to comment
Share on other sites

It should not take so long for Microsoft to fix this problem, it's not like they need to distribute a patch to client, they just need to fix the server application.

Well, considering Microsoft has other bigger fish to take care of, I don't think this is really a priority to them since its not being abused in a big scale and it has just been announced publicly.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.