Mail from Microsoft regarding Blaster

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 08/18/03

  • Next message: Joost de Heer: "MS03-026 on clusters"
    Date:         Mon, 18 Aug 2003 12:07:29 -0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Folks,

    I've had a number of people ask. Microsoft have sent out an email to their customers regarding Blaster/LovSAN and MS03-026. I don't know where they got the email addresses from, but it is "official" in the sense it was sent on the instructions of Microsoft. They used a 3rd party to do the delivery, and did not PGP sign the message (don't ask me why they didn't.) It did not include any attachments, which Microsoft have stated they will never do.

    You can go here for as much information as they're making available;

    https://register.microsoft.com/security/incident/verify.asp

    Interesting to note that they say there that all you need to do to verify the message is check the From: address and ensure its "Microsoft (@newletters.microsoft.com)". Of course we can now expect to see a spate of malware and spam using this From address and, probably, providing a link to the same Microsoft verify website.

    Sigh...

    Cheers,
    Russ - NTBugtraq Editor

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

    With a growth rate exceeding 110%, the TICSA security practitioner
    certification is one of the hottest IT credentials available. And now, for
    a limited time, you can save 33% off of the TICSA certification exam! To
    learn more about the TICSA certification, and to register as a TICSA
    candidate online, just go to

    http://www.trusecure.com/offer/s0100/

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo


  • Next message: Joost de Heer: "MS03-026 on clusters"

    Relevant Pages

    • Re: Alert: Microsoft Security Bulletin - MS03-039
      ... The way that Microsoft patched the new RPC Part II vulnerability ... Summer's Hottest Certification Just Got HOTTER! ... To learn more about the TICSA certification, ...
      (NT-Bugtraq)
    • WHERE ARE NT4 OLD PASSWORDS STORED
      ... Sorry if this bores many of you (being an NT4 question), ... Summer's Hottest Certification Just Got HOTTER! ... you can save 33% off of the TICSA certification exam! ...
      (NT-Bugtraq)
    • Administrivia: Thats it for the weekend...
      ... Russ - NTBugtraq Editor ... Summer's Hottest Certification Just Got HOTTER! ... you can save 33% off of the TICSA certification exam! ...
      (NT-Bugtraq)
    • Windows 2000 server issue
      ... accurately parse the lists of vulnerable machines produced by the scan ... of addresses directly on the script. ... Summer's Hottest Certification Just Got HOTTER! ... you can save 33% off of the TICSA certification ...
      (NT-Bugtraq)
    • Firewalls and DCOM
      ... Never underestimate the lengths to which your users will inadvertently go through to infect a network;)" ... Summer's Hottest Certification Just Got HOTTER! ... you can save 33% off of the TICSA certification exam! ...
      (NT-Bugtraq)