Paul Heinlein wrote: > > 04/12/2009 - Vendor notified. > > 04/12/2009 - Vendor response. > > 11/01/2010 - Status update requested. > > 12/01/2010 - Vendor provides status update. > > 30/03/2010 - Vendor provides status update. > > 27/04/2010 - Vendor provides status update. > > 26/05/2010 - Vendor provides status update. > > 08/06/2010 - Public disclosure. > > 15.75 months to respond to a critical vulnerability in one of the most > widely used business applications the world has seen? w00t.
Ummmm -- your US-centric view of dates is showing rather obviously, unless you can explain the unexpected appearance of a 27th month this year -- one that, even more oddly, cam after the 30th month and before the 26th, which itself came before the 8th month which itself has come before we've reached the middle of the June, the 6th month... Or maybe your US-centric view of dates coupled with your loathing of MS blinded you to your date inadequacies? Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/