[Dshield] How to get patched without getting infected?

Johannes B. Ullrich jullrich at sans.org
Sat Aug 16 20:47:10 GMT 2003


This message was converted from multipart/signed to ascii armored
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Prefered way: Burn the patch, and to make sure the scanner/cleanup kit,
to a CD. Use this CD to install the patch (see the Microsoft blaster
page. There is a link to it from the top right corner of microsoft.com)

Alternative: First close the XP firewall, then connect the system and
download the patch. Again, the MSFT "Blaster page" has more detailed
instructions.



On Sat, 2003-08-16 at 16:27, Jon R. Kibler wrote:
> Greetings:
> 
> First, let me preface this with I am not a Windows expert by any means... (we are primarily a Solaris shop and we only have a few old NT/4.0 systems that we are slowly getting rid of, and these are on an isolated internal network behind several fire walls) so this question never occurred to me:
> 
> I just had someone call who said that they had a PC using Windows/XP that was unpatched. They had not been on the Internet since last weekend. However, now they were afraid to go on the Internet because of the worm. They wanted to know how they could patch their system without first going on the Internet to get the patch and risk getting infected while downloading the patch.
> 
> I am clueless how to answer their question... any thoughts?
> 
> Also, is the old URL Microsoft gave for the DCOM patch still usable?
> 
> Thanks!
> Jon R. Kibler
> A.S.E.T., Inc.
> Charleston, SC  USA
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
-- 
SANS - Internet Storm Center
http://isc.sans.org
PGP Key: http://isc.sans.org/jullrich.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA/PphNR1p7hYJvB/wRAreYAJ4mhBxxE/21UbM/I5L4OuU7FpfPpgCgn1Gr
d1IWo6LC/T7EX+eYUoC9sQk-----END PGP SIGNATURE-----

--
SHA1



More information about the list mailing list