[unisog] Blaster spin

Gary Flynn flynngn at jmu.edu
Sat Aug 16 19:28:51 GMT 2003


Valdis.Kletnieks at vt.edu wrote:

> The biggest problem is avoiding the liability issues if the cleanup and patch
> apply fail (and remember - applying the patch for MS03-026 in the *official*
> manner often fails but claims it installed).  There's also the minor fact that in
> most places, it would count as unauthorized access and get you jail time.

There isn't anything on the Windows Update site that says patches will
be applied by HTTP/FTP/ActiveX activation. In the fine print it could say,
"patching done by RPC buffer overflow". These access control thingies
just get in the way anyway. :)

-
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe



More information about the unisog mailing list