[Dshield] Re: [Larholm/PivX] Proxy attackers/hijackers

John Sage jsage at finchhaven.com
Sat Oct 18 13:05:05 GMT 2003


A thought or two..

On Fri, Oct 17, 2003 at 10:06:53PM -0700, Thor Larholm wrote:

/* snip */

> Regards
> Thor Larholm
> PivX Solutions, LLC - Senior Security Researcher
> http://pivx.com/larholm/ - Get our research, join our mailinglist

Remember that PivX is the "security company" that has just:

"...seen a sea change in Microsoft's commitment to rid its IE browser
of the vulns that PivX Solutions and other third party researchers have
identified. Given Microsoft's recent positive actions together with
the current rise in attacks against IE we have agreed to give
Microsoft a good faith reprieve and have taken down our 'Unpatched'
page..."

http://www.pivx.com/larholm/unpatched/

"...This reprieve will allow MS to develop and review their test
cases, patches and Service Packs in a more normal, predictable and
unforced manner...Secondly, we are developing a mitigation utility
tool that will act as a "Qwik Fix" to many of the IE vulns that MS is
working on patching presently. This utility will buy Microsoft more
time to develop, test and release patches in the manner described
above..."

So apparently PivX is willing to give Micro$oft a resounding "Atta
Boy!" and be content with just parroting the Micro$oft party line
mantra "Patch! Patch! Patch!"

And of course, they'll have a product they'll be happy to sell you to
keep you afloat between patches :-)


Remember, Micro$oft users, if you get cracked, it's all your fault
because you don't keep up with the deluge of patches necessary to keep
a Window$ system marginally safe!


To add to the fun, Micro$oft patches are now to be released on a
once-a-month basis, ref:

http://www.microsoft.com/technet/security/bulletin/revsbwp.asp 

"In response to extensive customer feedback, Microsoft is implementing
changes in the way security bulletins are released. These changes will
help enhance the manageability and predictability of the patch
management process for customers.

Security bulletins will normally be released on the second calendar
Tuesday of every month. However, the first monthly bulletins will be
released on Wednesday, October 15, 2003."


A once-a-month release of patches? You're talking gigabytes.

And of course, you'll be wide open till the next month's patch is
released, but that's no problem, in some people's minds. I'm sure that
the "security companies" that have bought into Micro$oft's newest
"innovation" will have something to sell you.

In closing:

"If it's good enough for PivX and Micro$oft, it's good enough for
you!"



- John
-- 
"Most people don't type their own logfiles;  but, what do I care?"
-
John Sage: InfoSec Groupie
-
ABCD, EFGH, IJKL, EmEnOh, Pplus+, Mminus-
-
ATTENTION: this entire message is privileged communication, intended
for the sole use of its recipients only. If you read it even though
you know you aren't supposed to, you're a poopy-head.