Re: MS04-011 Status ?

From: Bill Sanderson (Bill_Sanderson_at_msn.com.plugh.org)
Date: 04/22/04 

Date: Thu, 22 Apr 2004 16:28:33 -0400

This patch has a rather long list of separate vulnerabilities.

When I check the vuln details of at least one--ASN.1, the workarounds
section reads:

None.

If I were running Windows XP SP2's firewall, I'd set it to the locked
setting--no exceptions.

If you can do that to your software firewall, I think I'd feel reasonably
safe--that's the kind of setting which is appropriate on a shared ethernet
in a public place, anyway.

"BeamGuy" <nobody@SPAM.com> wrote in message
news:%23FrdzZKKEHA.2688@TK2MSFTNGP10.phx.gbl...
> Should I assume that a good software firewall would protect me when I plug
> my
> laptop into the hotel high speed internet portal tommorrow?
>
>
> "Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> wrote in message
> news:%23gkXGWKKEHA.2680@TK2MSFTNGP11.phx.gbl...
>> FWIW, there is a publicly available attack script available for this
>> vulnerability now. The likelyhood is that such a script may enable a
>> simple
>> modification to an existing worm to use this vulnerability in the near
>> future.
>>
>> "Jim Matthews" <jmweb@comcast.net> wrote in message
>> news:%23l6bwpJKEHA.3216@tk2msftngp13.phx.gbl...
>> > Ok - I held off on installing these patches, and approving them for
>> > installation on my consultant's (remote) laptops because of the
>> > problems
>> > noted in this group and elsewhere.
>> >
>> > Is there any response or change from MS ?
>> >
>> > I know - I can't afford to have a successful attack - but I certainly
>> > cannot
>> > have one of these laptops "crash and burn" - so that seems the lesser
>> > risk.
>> >
>> > Any guidance/news on this is greatly appreciated
>> >
>> > JM
>> >
>> >
>>
>>
>
>

Relevant Pages

  • Re: MS04-011 Status ?
    ... When I check the vuln details of at least one--ASN.1, the workarounds ... If you can do that to your software firewall, ... there is a publicly available attack script available for this ... >> modification to an existing worm to use this vulnerability in the near ...
    (microsoft.public.win2000.general)
  • Re: MS04-011 Status ?
    ... laptop into the hotel high speed internet portal tommorrow? ... > FWIW, there is a publicly available attack script available for this ... > modification to an existing worm to use this vulnerability in the near ...
    (microsoft.public.win2000.general)
  • Re: MS04-011 Status ?
    ... there is a publicly available attack script available for this ... The likelyhood is that such a script may enable a simple ... modification to an existing worm to use this vulnerability in the near ... > Ok - I held off on installing these patches, ...
    (microsoft.public.win2000.security)
  • Re: MS04-011 Status ?
    ... laptop into the hotel high speed internet portal tommorrow? ... > FWIW, there is a publicly available attack script available for this ... > modification to an existing worm to use this vulnerability in the near ...
    (microsoft.public.win2000.security)
  • Re: MS04-011 Status ?
    ... there is a publicly available attack script available for this ... The likelyhood is that such a script may enable a simple ... modification to an existing worm to use this vulnerability in the near ... > Ok - I held off on installing these patches, ...
    (microsoft.public.win2000.general)
Loading