Absolutely, I posted that same message in a MS specific listserv today. My comments were along the lines of treat it like a purchased app and set up a new team to rebuild the app from the ground up, all new code. That way all of the hidden nuggets waiting to bite people are gone and you can say from the ground up security is considered. Anything built on old legacy code can always be questioned as unsafe given the number of old issues that keep popping up even now.
joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ron DuFresne Sent: Monday, June 21, 2004 5:07 PM To: joe Cc: [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] M$ - so what should they do? [SNIP} > > The second one, I concur completely, get the App stuff out of the > Windows folders. > Which includes IE. Thanks, Ron DuFresne _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html