Lessons Learned from the Animated Cursor bug

I just posted an analysis over on the SDL blog of the lessons we learned from the recent animated curser (ANI) bug.

Comments

• Anonymous
  April 26, 2007
  That's a great kick-off.  I look forward to that setting the tone of the SDL blog. Impressive work.

• Anonymous
  April 26, 2007
  One thing that I find disappointing is that most security bulletins don't mention whether DEP prevents the exploit.  I have DEP enabled by default (OptOut) and so should be immune from most of the stack-based overflows, but often need to consult 3rd-party information to determine whether I am protected from a given exploit.

• Anonymous
  May 03, 2007
  I'm haveing a problem with the security on my computer.It will not let me download and I cannot right click to copy ect.  Yahoo.ca have covered my explorer icon and I cannot know what to do.I read their solving and it say it has to do with XP 2. Please assist if you can. Thank for reading this. Sincerely Jeanne

• Anonymous
  May 17, 2007
  I join to Mark Sowul's comment that nothing is said about DEP in security buletins.