[CodeMonkey]

I concur with the bit about it not being fair to Microsoft to release a newly discovered security hole's existance immediately.

[CheneyChick]

Hi CodeMonkey,

Your name reminds me of the Ballmer Monkey Boy video (click on picture):

Cheers, CC :)

[mikegi]

That's not to say the security community isn't prone to a particular brand of lunacy all of its own. My colleague Josh Mehlman is familiar with the particular psychological disorder that seems to plague certain pockets of the IT world. His gripe is with Linux fundamentalists--you know, the guys with penguin socks who write MS as "M$" because they think they're making a social commentary.

I'm waiting the fundamentalists to show up here with their "Get Penguined" comments and bitmaps!

One thing that Ballmer had in mind with his comments are websites like xfocus.org. Does anyone think it is a good thing for them to have this page on their website: Analysis of RPC Long Filename Heap Overflow. There is absolutely no legitimate use for this code other than to spread viruses and worms.