[Full-Disclosure] Potential Microsoft PCT worm (MS04-011)

From: Alerta Redsegura (alerta_at_redsegura.com)
Date: 04/24/04

Next message: Ian Latter: "Re:[Full-Disclosure] Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127"

Previous message: Exibar: "RE: [inbox] Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
In reply to: insecure: "Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Next in thread: http-equiv_at_excite.com: "Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Maybe reply: http-equiv_at_excite.com: "Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Maybe reply: Tremaine Lea: "RE: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Full-Disclosure" <full-disclosure@lists.netsys.com>
Date: Fri, 23 Apr 2004 18:21:39 -0500

# start snip

- Microsoft ( ... ) continues to urge all customers to immediately install
the MS4-011 update ( ...)

- Customers who are still evaluating and testing MS04-011 should immediately
implement the workaround steps detailed for the PCT/SSL vulnerability
detailed in the MS04-011. In addition, Microsoft has published a knowledge
base article KB187498 at
http://support.microsoft.com/default.aspx?scid=kb;en-us;187498 which
provides additional details on SSL and how to disable PCT without applying
MS04-011.

# end snip

"Evaluating and testing" ?

Is it so difficult for Microsoft to acknowledge that MS04-11 does cause some
Windows 2003 and Win2K servers to become unstable, to the point that
reinstalling Windows is sometimes necessary?

Is there going to be an update to the patch?

Iñigo Koch
Red Segura

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Ian Latter: "Re:[Full-Disclosure] Re: Outbreak of a virus on campus, scanning tcp 80/6129/1025/3127"

Previous message: Exibar: "RE: [inbox] Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
In reply to: insecure: "Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Next in thread: http-equiv_at_excite.com: "Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Maybe reply: http-equiv_at_excite.com: "Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Maybe reply: Tremaine Lea: "RE: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Transgressing the Boundaries: Towards a Transformative Hermeneutics of Copyright and Patent Law?
... to pay a "Microsoft tax" just to use a given piece of ... So basically there exists 1 commercial-quality free game (Enemy ... Funny that you keep arguing then. ... [snip further badmouthing of Nehahra] ...
(comp.lang.java.programmer)
Re: .NET SUCKS --- READ FOLLOWING. MICROSOFT IS A SUCKY CO
... > Microsoft person where they use the term 'cross platform'. ... but not on a production box. ...
(microsoft.public.dotnet.framework)
Re: Repair Installation
... > stripped out of Windows XP, or has Microsoft stripped it out? ... or buy a retail copy. ...
(microsoft.public.windowsxp.general)
Re: Ternary operator
... to the perl maintainers) is "Where does perl document the ternary ... operator's behaviour of only evaluating either the second or the third ... is the only trinary operator. ...
(perl.beginners)
Re: Apples poor positioning for the age *after* x86
... Nor is the .NET technology suitable for use in the kernel; a new kernel was never in the cards. ... What Microsoft originally did plan to do was rewrite a significantly amount of higher level code in .NET -- presumably things like Explorer. ...
(comp.sys.mac.advocacy)