There seems to be some discrepency here...
by
DataPath
·
· Score: 4, Interesting
From an AP article: "I doubt we will see an attack based on this," Cooper said. "It's pretty unlikely any such exploit attempt will get legs."
Russ Cooper is a security expert for TruSecure Corp., based in Herndon, Va.
There seems to be some disagreement on the exploitability of this.
-- Inconceivable!
Can bug affect hotmail or yahoo email?
by
Anonymous Coward
·
· Score: 1, Interesting
Or must you be using Outlook for email to be vulnerable to this bug? The Microsoft website is extremely vague on this matter.
Re:what day is it again?
by
AKnightCowboy
·
· Score: 2, Interesting
It is hump day...time to patch my Windows Boxes again... Crap...what is Thursday gonna bring!
Thursday, time to patch the SunRPC holes in Solaris. I WAS about to implement a central NFS server for our workstations, but Sun has so many problems with their RPC implementation resulting in root exploits I think I'll have to look for something else.
I sometimes wonder
by
sielwolf
·
· Score: 4, Interesting
If any of this does any good (outside of warning Windows admins). People who have used computers for twenty years still have no idea how these exploits and bugs work. They think that Kevin Mitnick can hack a computer with a telephone (ala Scanners) but don't think twice about double-clicking an email from "1337user@aol.com".
I sometimes think that education has been a problem, as all of these reports usually come with a verbose "what this does, what it doesn't, what you should do." So then I go on to think that it must be some sort of lethargy on the part of Joe End User. So then I think that a serious entrance learning curve would do the trick (i.e. stick every one on some old terminals).
But I think a threshold has been crossed. People now need to use computers. Colleges and businesses are going paperless, demanding a higher level of computer savvy... but all the while ignoring basic user compotence. Computer use is either "so simple a monkey could do it" or "impossible for anyone but geeks to understand". It's as if most users are satisfied to never understand how their "magic box" works.
This wouldn't bother me too much if it didn't seem that this same disease has seemingly infected a significant minority of admins out there (considering how ridiculously some of these viruses spread). Of course many of these seem to be (in my experience) non-CS academic types who "need" Unix workstations but are uninterested in protecting them.
-- What is music when you despise all sound?
Contradictions from the experts
by
dstone
·
· Score: 5, Interesting
Russ Cooper, moderator of the NTBugTraq security list and a security expert for TruSecure Corp., seems to be contradicting himself in two stories on the same day (or is being misquoted). Make of this what you will...
This story quotes Cooper: "I do expect that in the next seven to 10 days we're going to see a worldwide wave" of attacks, probably via an Internet worm, Cooper said Wednesday. "And it will be effective."
And this story quotes Cooper: ""I doubt we will see an attack based on this," Cooper said. "It's pretty unlikely any such exploit attempt will get legs.""
Windows Update not working?
by
mtcrowe
·
· Score: 5, Interesting
Has anyone tried to use Windows Update to grab this patch? I'm running WinXP at work and just tried to hit Windows Update to let it auto-magically determine which update(s) to send to me. However - it came back and said everything was already hunky dory, no patches available.
I checked www.microsoft.com/security and looked up the MS03-008 patch for XP. It had a Qfix number starting with 8. I then compared against the Qfixed installed in my add/remove programs listing and it wasn't there...
I'm wondering whether they forgot to include that patch on the WU site for WinXP users. Seems to me like that would be one of the most critical places to put it for all of the normal user-folk.
So, I manually downloaded and installed the "Js56en" patch on WinXP and it took.
As an aside - I was very concerned when MS announced the Windows Scripting Host functionality. My thinking at the time (and again now) is that they allow so many file types to be executed that there's just no way they can keep all of the bugs out of all of those interpreters. Figured it would just be a matter of time..
I can't believe I read it here first
by
perp
·
· Score: 2, Interesting
From the advisory, which is now in my mailbox, (though it wasn't a few hours ago when I left work) Microsoft was initially notified last July, iDefense's (paying) clients were notified in January and we, the great unwashed, are just hearing about this now.
Actually the receptionist(!) at work forwarded me a news story about this from the local tabloid newspaper this afternoon, but the article was so non-technical that it was impossible to tell what exploit they were talking about (and there were no links), so I postponed looking into it until I heard more.
I read BugTraq religiously. Looks like I need to get another religion if I want to save my soul, let alone my ass. Fortunately, at our site, use of either IE or Outlook is punishable by a severe whacking, so we shouldn't be too badly off.
-- There are two kinds of sysadmins: paranoids and losers. I'm both kinds.
Re:For the lazy......
by
nolife
·
· Score: 2, Interesting
Microsoft said customers using the newest versions of its e-mail software, Outlook Express 6 and Outlook 2002, were protected from hackers trying to exploit the problem using e-mails.
They should have add the following, "or if you are using just about any other mail reader besides ours."
I love how MS attempts to twist the story here and appears to make it look like you should only be using the most recent versions of THEIR software to be safe. They completely fail to mention that the only reason any of this is possible is bacause of their software and its integration into IE and the OS. If you were using almost ANY OTHER email program not designed by them or one that did not use their glob job interent settings you would be safe also. I use Pegasus and it is not effected by this at all.
-- Bad boys rape our young girls but Violet gives willingly.
Slashdot Mirror
From an AP article:
"I doubt we will see an attack based on this," Cooper said. "It's pretty unlikely any such exploit attempt will get legs."
Russ Cooper is a security expert for TruSecure Corp., based in Herndon, Va.
There seems to be some disagreement on the exploitability of this.
Inconceivable!
Or must you be using Outlook for email to be vulnerable to this bug? The Microsoft website is extremely vague on this matter.
Thursday, time to patch the SunRPC holes in Solaris. I WAS about to implement a central NFS server for our workstations, but Sun has so many problems with their RPC implementation resulting in root exploits I think I'll have to look for something else.
If any of this does any good (outside of warning Windows admins). People who have used computers for twenty years still have no idea how these exploits and bugs work. They think that Kevin Mitnick can hack a computer with a telephone (ala Scanners) but don't think twice about double-clicking an email from "1337user@aol.com".
I sometimes think that education has been a problem, as all of these reports usually come with a verbose "what this does, what it doesn't, what you should do." So then I go on to think that it must be some sort of lethargy on the part of Joe End User. So then I think that a serious entrance learning curve would do the trick (i.e. stick every one on some old terminals).
But I think a threshold has been crossed. People now need to use computers. Colleges and businesses are going paperless, demanding a higher level of computer savvy... but all the while ignoring basic user compotence. Computer use is either "so simple a monkey could do it" or "impossible for anyone but geeks to understand". It's as if most users are satisfied to never understand how their "magic box" works.
This wouldn't bother me too much if it didn't seem that this same disease has seemingly infected a significant minority of admins out there (considering how ridiculously some of these viruses spread). Of course many of these seem to be (in my experience) non-CS academic types who "need" Unix workstations but are uninterested in protecting them.
What is music when you despise all sound?
Russ Cooper, moderator of the NTBugTraq security list and a security expert for TruSecure Corp., seems to be contradicting himself in two stories on the same day (or is being misquoted). Make of this what you will...
This story quotes Cooper: "I do expect that in the next seven to 10 days we're going to see a worldwide wave" of attacks, probably via an Internet worm, Cooper said Wednesday. "And it will be effective."
And this story quotes Cooper: ""I doubt we will see an attack based on this," Cooper said. "It's pretty unlikely any such exploit attempt will get legs.""
Has anyone tried to use Windows Update to grab this patch? I'm running WinXP at work and just tried to hit Windows Update to let it auto-magically determine which update(s) to send to me. However - it came back and said everything was already hunky dory, no patches available.
I checked www.microsoft.com/security and looked up the MS03-008 patch for XP. It had a Qfix number starting with 8. I then compared against the Qfixed installed in my add/remove programs listing and it wasn't there...
I'm wondering whether they forgot to include that patch on the WU site for WinXP users. Seems to me like that would be one of the most critical places to put it for all of the normal user-folk.
So, I manually downloaded and installed the "Js56en" patch on WinXP and it took.
As an aside - I was very concerned when MS announced the Windows Scripting Host functionality. My thinking at the time (and again now) is that they allow so many file types to be executed that there's just no way they can keep all of the bugs out of all of those interpreters. Figured it would just be a matter of time..
From the advisory, which is now in my mailbox, (though it wasn't a few hours ago when I left work) Microsoft was initially notified last July, iDefense's (paying) clients were notified in January and we, the great unwashed, are just hearing about this now.
Actually the receptionist(!) at work forwarded me a news story about this from the local tabloid newspaper this afternoon, but the article was so non-technical that it was impossible to tell what exploit they were talking about (and there were no links), so I postponed looking into it until I heard more.
I read BugTraq religiously. Looks like I need to get another religion if I want to save my soul, let alone my ass. Fortunately, at our site, use of either IE or Outlook is punishable by a severe whacking, so we shouldn't be too badly off.
There are two kinds of sysadmins: paranoids and losers. I'm both kinds.
Microsoft said customers using the newest versions of its e-mail software, Outlook Express 6 and Outlook 2002, were protected from hackers trying to exploit the problem using e-mails.
They should have add the following, "or if you are using just about any other mail reader besides ours."
I love how MS attempts to twist the story here and appears to make it look like you should only be using the most recent versions of THEIR software to be safe. They completely fail to mention that the only reason any of this is possible is bacause of their software and its integration into IE and the OS. If you were using almost ANY OTHER email program not designed by them or one that did not use their glob job interent settings you would be safe also. I use Pegasus and it is not effected by this at all.
Bad boys rape our young girls but Violet gives willingly.