• khannie@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    9 months ago

    Their wording is actually quite deliberate. They say there isn’t one being exploited, but they do not explicitly say that there isn’t a RCE vulnerability.

    It kinda stinks of ass coverage.

    “I did not have sexual relations with that woman”

    • Maalus@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      9 months ago

      It stinks of lawyers checking the press release. They can’t say “there is none” in the offchance that someone, sometime finds one. Then clients could point to this press release saying “SEE, YOU TOLD US THERE WAS NONE AND 25 YEARS LATER WE FOUND ONE”. I bet they are telling the truth, just ran through a lawyer and PR team.

    • CrypticCoffee@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      9 months ago

      Yeah, it stood out to me.

      It’s always in what they don’t say.

      If they say it’s not a RCE vulnerability, it could still be a privilege escalation vulnerability etc. They avoided saying their software isn’t being exploited or “we have seen no evidence our software has been compromised”, or “there is no clear signs…”.

      Which gives a little wriggle room.