[Dshield] Re: An unfixed highly critical...

wulfman wulfman at charter.net
Sun Apr 18 21:09:43 GMT 2004


I set up HelpCtr.exe as a resticted application in my firewall inbound and
outbound. Then changed file associations for Help Center services to open
these files in a bin/hex editor rather than its default association with
HelpCtr.exe. Then killed the service and disabled it. I'm not sure this
service gets a whole lot of actual valid use anyway... Prudent? Dumb? Any
suggestions? input? Am I still suffering from UPNP/SSDP Discovery Service
vulnerability flashbacks? (MS-SSDD vulnerability...? chuckle)

I keep my systems updated, but have seen plenty of examples of a patch being
quickly circumvented because it was too specific for the coding of the
exploit. Does the patch actually fix security for the service or does it
only address one possible exploit of the vulnerability? With M$ it can very
often be hard to tell. They seem to have a strategy of minimal response to
security issues... Fixing only enough to address a symptom, and then
dragging their feet on fixing the root cause of serious problems.

anyone know for sure?


More information about the list mailing list