AMEN to blame MS or eEye for this is bogus. This crap should never had been allowed a voice on this forum. It is totally wrong and whoever wrote this email I hope got flamed on securityfocus for this.
Time to set the facts straight.
eEye before releasing the proof of concept code reported the hole to MS 2 weeks before the code was released on their site. During this 2 week period MS made available on their site a patch to fix this vulnerability the same patch which is downloaded now to fix this probblem. This poatch has been out for more than a month. If whoever I dont care if its a home abUSER or a network admin at and company active or inactive had ample time to install this p[atch before code red started propigating. If who ever was in charge of the machine were to even keep up with windowsupdate they would have been safe.
I find myself for the first time sticking up for micro$oft funny thought i'd never do this but I dont feel this was their fault as soon as the exploit was brought to their attention a fix was available (NO SLEDGEHAMMER NEEDED). eEye is not to blame eitther instead to be praised for first going to MS with the problem and them explaining in detail what to look for and demonstrate in a quite sobering yet safe way what can happen if the patch which was available as a link to MS's site from theirs by the down of the proof on fconcept code is not applied.
People here flaming MS for this especially the ones who run *nix and sit there hollaring HAHAHA look at MS they screwed up LOL need to remember one word "li0n" and the many clones of that worm that followed.
From a Linux Administrator who feels a system is only as secure as the administrator makes it.
Slashdot Mirror
BTW what OS you run.
Ahh that new one with not a single flaw in it right???
All OS's are explotable. Its up to the administrator to make sure they are up to date and as secure as possible.
Yeah and i never have to change the brakes on my car.
Enough said. eEye released the code to MS 2 weeks before made public. Fix was on MS's site before you even heard about the buffer overflow.
AMEN to blame MS or eEye for this is bogus. This crap should never had been allowed a voice on this forum. It is totally wrong and whoever wrote this email I hope got flamed on securityfocus for this.
Time to set the facts straight.
eEye before releasing the proof of concept code reported the hole to MS 2 weeks before the code was released on their site. During this 2 week period MS made available on their site a patch to fix this vulnerability the same patch which is downloaded now to fix this probblem. This poatch has been out for more than a month. If whoever I dont care if its a home abUSER or a network admin at and company active or inactive had ample time to install this p[atch before code red started propigating. If who ever was in charge of the machine were to even keep up with windowsupdate they would have been safe.
I find myself for the first time sticking up for micro$oft funny thought i'd never do this but I dont feel this was their fault as soon as the exploit was brought to their attention a fix was available (NO SLEDGEHAMMER NEEDED). eEye is not to blame eitther instead to be praised for first going to MS with the problem and them explaining in detail what to look for and demonstrate in a quite sobering yet safe way what can happen if the patch which was available as a link to MS's site from theirs by the down of the proof on fconcept code is not applied.
People here flaming MS for this especially the ones who run *nix and sit there hollaring HAHAHA look at MS they screwed up LOL need to remember one word "li0n" and the many clones of that worm that followed.
From a Linux Administrator who feels a system is only as secure as the administrator makes it.