> Not everyone working as a programmer is as good as you. Not everyone working as a programmer is any good.
sure. But then don't work on a security software suite. Or have bosses who properly code-review the commits.
During the time this vulnerability existed, machines running TrendMicro were infinitely less secure than machines not running the security software. This is severely wrong and IMHO warrants the very harsh tone.
This wasn't some obscure buffer overflow, sandbox escape vulnerability. This was running an RPC server over HTTP allowing full remote code execution over JSONp (or an <img> tag for that matter).
sure. But then don't work on a security software suite. Or have bosses who properly code-review the commits.
During the time this vulnerability existed, machines running TrendMicro were infinitely less secure than machines not running the security software. This is severely wrong and IMHO warrants the very harsh tone.
This wasn't some obscure buffer overflow, sandbox escape vulnerability. This was running an RPC server over HTTP allowing full remote code execution over JSONp (or an <img> tag for that matter).