In an e-mail response to TechWatch, Microsoft said, through its PR agency, Microsoft said that the company "is aware of third party mitigations that attempt to block exploitation of vulnerabilities in Microsoft software." The company "appreciate(s) the steps these vendors and independent security researchers are taking to provide our customers with mitigations," but doesn't vouche for ZERT's patch. Duh.Read on over here.
On the issue of patching unsupported OS's, though, Microsoft is a bit more stern. "These products have reached the point of architectural obsolescence. It would be irresponsible to convey a false sense of security by extending public support for these older products," the company said in an e-mail.
Patching of obsolete operating systems gives false feeling of security
Posted on Monday, October 02 2006 @ 6:00 CEST by Thomas De Maesschalck