[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: A new Microsoft security bulletin and the OffloadModExpo func
From:       Alan Ramsbottom <ACR () ALS ! CO ! UK>
Date:       2000-04-14 13:35:24
[Download RAW message or body]


> From: Microsoft Security Response Center [mailto:secure@MICROSOFT.COM]

> 1) The vulnerability exists solely because of incorrect permissions
> on a registry key, and exists only in Windows NT 4.0.

Could you please clarify that last point? Between the bulletin and the faq
this comes across as a vulnerability affecting the current MS base CSPs
under NT4, whereas Sergio has asserted (twice now) and I agree that the
OffloadModExpo functionality isn't obviously present in any MS CSPs other
than under W2K.

-Alan-

----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html

[prev in list] [next in list] [prev in thread] [next in thread]