On April 5, 2012, ICS-CERT issued an advisory regarding buffer overflows in the COM and ActiveX scripting interfaces to the ABB WebWare Server application discovered by Billy Rios and Terry McCorkle. Threatpost also covered the advisory as a follow up to previous coverage of Rios’ and McCorkle’s “100 Bugs in 100 Days” project. At first glance, it would be easy to be perplexed or outraged that a software vendor would refuse to provide a patch for a security issue. The reality is that this << More >>