Why is MS04-011 (KB835732) not included in current MS05-05X updates?

From: Andreas Eibach (aeibach_at_despammed.com)
Date: 11/29/05


Date: Tue, 29 Nov 2005 18:57:59 +0100

Is there any technical explanation for the necessity of this "old"
patch?

MS04-011 patches an *extremely* critical security hole, the Sasser worm.
I think Microsoft would not require too much effort to include the
Sasser worm patch into one of the forthcoming MS05-05X or -06X.
The RPC/DCOM exploit patch MS03-039 (824146) is replaced too now, so ...

MS's patches are usually nothing but a wagonload of system files (DLLs,
SYS ... ) replaced, anyhow..

-Andreas



Relevant Pages