MS defends MBSA
From: H C (keydet89@yahoo.com)
Date: 04/23/02
Date: Tue, 23 Apr 2002 07:08:32 -0700 (PDT)
From: H C <keydet89@yahoo.com>
To: focus-ms@securityfocus.com
Link to IDG article:
http://idg.net/ic_849313_4394_1-3921.html
The article author, Brian Fonseca, describes the MBSA
as "a more user friendly version of HFNetChk built
around a new GUI". However, the article says that
"users should be aware that differences occur in the
manner notes -- an advisory indicating no patch is
present -- and warnings are posted by each." That
came from Steve Lipner, director of security assurance
at Microsoft.
The article continues:
"Lipner said hotfixes could also lead to MBSA
misinterpretation." Aaaahhhh. Okay. The thing that
got me was the following statement from Lipner: "If a
hotfix was applied to plug a code exploit that did not
come directly from a Microsoft security bulletin, MBSA
will "guess" a system update has occurred".
That being the case...why would a patch be on an MS
system that did not come directly from an MS Security
Bulletin? Would this then provide a means by which a
malicious admin could fool the MBSA reports?
It sounds as if the author is also leaning toward the
usual journalistic FUD with this statement:
"Available for free download, MBSA is designed to
unearth Microsoft product holes". The tool doesn't
unearth holes...it reports patches/hotfixes, and a few
other things.
I, for one, would be interested in hearing anything
anyone has to offer about using this tool...the more
specific ("it rocks" or "it sux" is *not* specific)
the better.