by canvia on 2/10/15, 9:54 PM with 1 comments
by blucoat on 2/11/15, 12:42 AM
I have no experience using Active Directory. Is this common practice? I would personally not even classify this as a bug; it seems like common sense that running code downloaded from an unauthenticated connection is bad. How is this different from saying there are critical security bugs in http/ftp, since the same type of attack is possible (but well known)?