RE: new unknown ms problem...

From: Byrne, David (dbyrne@tiaa-cref.org)
Date: 09/06/02


From: "Byrne, David" <dbyrne@tiaa-cref.org>
To: focus-ms@securityfocus.com
Date: Fri, 6 Sep 2002 15:12:08 -0600 

My take is that a new and/or stupid manager at Microsoft panicked. The
article describes planting trojans and changing security settings. This is
so vague and so common in intrusions that it could mean anything. They are
probably seeing a number of systems compromised by a single
person/group/tool. Nothing in the article indicates the intrusions were
through a common vulnerability or configuration mistake. What is there
solution? "Fully-patched computers that follow security best practices
provide the best protection from hacking or other malicious software." It
reads like an NIPC alert. Vague threat, common symptoms and obvious
solutions.

David Byrne
TIAA-CREF

-----Original Message-----
From: stillio@netscape.net [mailto:stillio@netscape.net]
Sent: Friday, September 06, 2002 12:20 PM
To: focus-ms@securityfocus.com
Subject: new unknown ms problem...

Has anyone heard of the new MS security problem...?

Here is the link:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691

**********************************************************************
This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies. You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
TIAA-CREF
**********************************************************************



Relevant Pages

  • Re: Home Networking/Firewall problem
    ... filters to achieve security you're required to have such a knowledge. ... virus-scanners don't address the problem of running untrusted software, ... common implementations just add new attack vectors). ...
    (comp.security.firewalls)
  • Re: Variable argument function as a parameter of a variable argument function
    ... implies that you don't know. ... It's quite common for people to ask the wrong question; ... the real problem was. ... legitimate - but almost any code that poses security issues can be ...
    (comp.lang.c)
  • Re: Essential updates?
    ... You can browse the Fedora Announce archives at ... Since one mans bug is another mans feature this could be harder ... Critical security bugs will commonly have some reference to a common ...
    (Fedora)
  • RE: Is this normal?
    ... This is far too common. ... A few simple security tips may help. ... Do not allow root any remote access; create a user and su if you need ...
    (Security-Basics)
  • Re: Home Networking/Firewall problem
    ... filters to achieve security you're required to have such a knowledge. ... Back to the car analogy - yes you have to ... but merely serve as an intrusion detection tool, and that "firewalls" ... common implementations just add new attack vectors). ...
    (comp.security.firewalls)