Microsoft is up in arms over a French security team’s decision to make a potential vulnerability in Windows 2000 Service Pack 4 and Microsoft Windows XP SP1 public. The French Security Incident Response Team published details about a proof-of-concept exploit that targets the vulnerability without first informing Microsoft. Winny Thomas claims he came across a condition where a specially crafted request to upnp_getdevicelist would cause services.exe to exhaust a machine’s virtual memory.
Loading ...
Microsoft Rebukes Security Researcher
Posted by: Jennifer LeClaire November 21, 2005 01:18 PMMicrosoft is up in arms over a French security team’s decision to make a potential vulnerability in Windows 2000 Service Pack 4 and Microsoft Windows XP SP1 public. The French Security Incident Response Team published details about a proof-of-concept exploit that targets the vulnerability without first informing Microsoft. Winny Thomas claims he came across a condition where a specially crafted request to upnp_getdevicelist would cause services.exe to exhaust a machine’s virtual memory.