[Dshield] distributing windows updates (was: Proxy attackers/hijackers)

Johannes Ullrich jullrich at euclidian.com
Tue Oct 21 17:47:15 GMT 2003

> ...what if some enterprising cracker starts distributing bogus patch CDs
> that also install backdoor software?

has been done. See the most recent virus ('Swen' ?) that advertised
itself as a patch. There have been others like that before.

This is also one of MSFT's main arguments to prohibit the unauthorized
distribution of patches.

Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net

More information about the list mailing list