Alert: False emails and content filters

From: Russ (Russ.Cooper@RC.ON.CA)
Date: 03/15/02 

Date:         Fri, 15 Mar 2002 06:55:22 -0500
From: Russ <Russ.Cooper@RC.ON.CA>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

For reasons I can only speculate about, over 100 NTBugtraq subscribers
have sent me personal or list messages talking about the fake Microsoft
bulletin floating around (3 slightly different versions).

This fake mail message was announced in an NTBugtraq alert from me on
3/7/2002.

I can only suspect that content filters have prevented some NTBugtraq
subscribers from seeing that message. Clearly, if you expect to get full
value from NTBugtraq you're going to have to clarify/refine the often
overly vague rules that some content filtering gateway products (or
their administrators) use.

I do not recommend that you compromise your security. NTBugtraq messages
may well contain information that could be harmful. Links to sites you
would not want to visit with unpatched browsers, code snippets which
could be deemed "malicious" by some, etc... but that is the price you
pay if you wish to keep abreast of the latest security issues.

I would ask that before you send me information on something you would
have expected to see in NTBugtraq, check the list archives,
http://www.ntbugtraq.com/archives, first.

This also applies to the many messages I have received asking if I've
seen a site which can cause notepad, calc, or tsshutdown to execute on
your machine. This was announced on 2/27 (GMT) by GreyMagic. It may not
be obvious that the message is about the same issue. GreyMagic's
demonstration did not involve scripting, they used XML to cause the same
results. The original message about the issue was posted in January.
There is, as yet, no patch for this issue from Microsoft.

So please, stop "informing" me about these issues. Check the web
archives to see the messages you missed (or that were sent to the list
before you subscribed).

Cheers,
Russ - NTBugtraq Editor

Relevant Pages

  • Re: Patch Solutions - survey
    ... Today NTBugtraq has more than 31,000 subscribers. ... For those of you who asked, I have added the solutions below to the survey. ... code "NT1003" when registering to take the TICSA exam at www.2test.com. ...
    (NT-Bugtraq)
  • Re: SILLY BEHAVIOR : Internet Explorer 5.5 - 6.0
    ... http-equiv sent a message to NTBugtraq yesterday that set off over 500 email virus alerts. ... There are, regularly, 100+ subscribers who's email filters invariably trigger because of words, content deemed to be spam, or false detections of malicious content. ... try and avoid automatic responses to NTBugtraq messages. ...
    (NT-Bugtraq)