[HawaiianGecko]

 

"I don't know about that. Doesn't Microsoft do code reviews of stuff they put in windows?"

I agree. The Lee Harvey Oswald theory of a lone renegade programming doesn't fly at all. You don't check out code for modification that isn't reviewed and tested to the max in an organization as large as Microsoft.  I'm not saying it's a bug and therefore not intentionally done, but it took more than one person to pull this off if it is intentional. 

[zeugma]

I agree. The Lee Harvey Oswald theory of a lone renegade programming doesn't fly at all. You don't check out code for modification that isn't reviewed and tested to the max in an organization as large as Microsoft. I'm not saying it's a bug and therefore not intentionally done, but it took more than one person to pull this off if it is intentional.

Indeed. One would think having a executible jump in a media file would be a flag thrown up. This is especially true IMO if the jump can only be triggered by a malformed request. If they try to claim the jump was included to conform to some specification, why not have the trigger execute a NOP instead of untrusted (and unknowable) code?