Re: Mycrowsoft's appetite for opaserv worm

From: neo [mvp outlook] (neo@mvps.org)
Date: 01/06/03


From: "neo [mvp outlook]" <neo@mvps.org>
Date: Sun, 5 Jan 2003 17:56:21 -0800


I looked at your earlier post and this one and I will go out on a limb and
state some things that may or may not help.

In your post, your subject line implies that Microsoft released the opaserv
worm to force people to upgrade. While I can understand your frustration
that Microsoft is suggesting that you buy a new computer/operating system,
you must face the reality that the technology that is in Windows 9x is a 7
1/2 year old technology. There has been plenty of time for security
breaches to be found and patched. To blindly think that computer software
is bug free is not a realistic assumption since it is written by flawed
human beings.

While I'm sure you applaud Symantec, Network Associates, and a myriad of many
others in creating signatures that can detect this threat, it doesn't mean
that Microsoft has slacked off and ignored the issue. They [MS] have posted
their fix to the problem in security bulletin MS00-072. Perhaps the
Microsoft Support person pointed you to this article or perhaps they didn't, in
either case it is something that I will never know. What I do know for
certain is that to expect a vendor to give you a brand new something is a
tad over the top when there is a well-established course of repair. So, is
there a reason why this patch isn't good enough for you and you still feel
that Microsoft should give you Microsoft Windows 2000 or XP? In my honest
opinion, they have acted honestly by providing you a fix free of charge.

While we are visiting the land of fingerpointing, here is another question
for you... why don't you blame Symantec or Network Associates for this
tragedy? Surely a security company that you purchased software from should
have had the foresight to see this flaw and protect you before it happened.
The reason that I guess you aren't blaming them is that you see it just like
I do, they can only react to a problem after it is discovered. Why doesn't
this same philosophy apply to Microsoft? Is it because your opinion is now
jaded by the ruling of the court? Or is it that your core belief system is
that once dishonest always dishonest?

The sorry truth of this plight is that a security vulnerability happened to
find you before the steps were taken to correct it. You shouldn't be
blaming others when the course of action was clear on October 10, 2000.

Just my $.02
/neo

"m" <murthy64@hotmail.com> wrote in message
news:00ef01c2b500$5e22c680$d6f82ecf@TK2MSFTNGXA13...
> Mycrowsoft's appetite for opaserv worm
> by murthy64@hotmail.com
> Dear All:
> A number of respondents came thru, mostly MVP's, to my information campaign.
> They questioned my objective: I want to inform Windows 98 and 95 users
> about Opaserv. They asked me what do I expect from Mycrowsoft:
> I want an apology and replacement of software free of cost among other things.
> They said I'm spreading mis-information: I am attaching the URL's
> for the most respected organizations in the software business (unlike
> crooked Seattle companies making software for the world). You
> decide who is to gain by questioning the license of Windows software
> on your computer?
>
> Unlike MVP's I don't have time to respond to every post here even if
> they are well intended responses to my posts. I've devoted a weekend
> to inform my neighbors about the evil worms Mycrowsoft can spread.
> I have a family to feed. I may be able to answer a limited number of
> emails sent to murthy64@hotmail.com. If you want to attack me
> or accuse me please don't post your response on the web as I don't
> intend to read.
>
> http://securityresponse.symantec.com/avcenter/venc/data/w32.opaserv.k.worm.html
>
> http://vil.nai.com/vil/content/v_99924.htm
> This worm spreads via network shares.
> Payload
>
> The worm attempts to drop a trojan, C:\MSLICENF.COM (detected as QZap248
> with the 4240 DAT files), which can overwrite the boot sector,
> delete the CMOS, and delete the contents of the hard disk.
> Reference to this file is placed in the AUTOEXEC.BAT file. It then
> restarts the computer by dropping the file BOOT.EXE (detected as
> Reboot-V with the 4240 DAT files), and running it. Upon reboot, the .COM
> file is executed. The following message is displayed.
> NOTICE:
>
> Illegal Microsoft Windows license detected!
> You are in violation of the Digital Millennium Copyright Act!
>
> Your unauthorized license has been revoked.
>
> For more information, please call us at:
>
> 1-888-NOPIRACY
>
> If you are outside the USA, please look up the correct contact
> information on our website, at:
>
> www.bsa.org
>
>
> Business Software Alliance
> Promoting a safe & legal online world.
>
>


