lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Jan  4 20:01:12 2006
From: dantrevino at yahoo.com (Dan Trevino)
Subject: Unofficial Microsoft patches help hackers,
	not security


Er...whether its patched my Microsoft or patched by a hacker, the hacker still has the rootkit installed.  Your suggestion is to give the hackers more time to install their rootkits?  Brilliant. 
  
dan  
  (sorry for the top-posting, not at my normal workstation)

----- Original Message ----
From: Joe Average <yahooinsider@...il.com>
To: Niek <niek@...ak.coding-slaves.com>; full-disclosure@...ts.grok.org.uk
Sent: Wed 04 Jan 2006 01:49:58 PM EST
Subject: Re: [Full-disclosure] Unofficial Microsoft patches help hackers, not security

>From my blog:
  
 ""[Unofficial patches are available, as is a leaked official patch] [Unofficial patches are merely used by hackers as a tool to patch machines they've compromised, to stop other hackers hacking the same machine, although the machine is still accessable to the hacker.] [The consumer goes along to Windows Update on Tuesday and doesn't think they need a patch, because Microsoft tells them its not needed. Little does the consumer know their machine was patched by a hacker, who now has control over their computer network.]"" 
  
 It means the unofficial patch is as harmful as the vulnerability and exploit code its self.

 
 On 1/4/06, Niek <niek@...ak.coding-slaves.com> wrote: On 1/4/2006 7:33 PM +0100, Joe Average wrote:
> ........ The majority of consumers aren't
> getting your unofficial patches, but you can be sure the hackers are using 
> them, and using them to their advantage.

Yeah hackers are now using the unofficial patch to protect themselves!!!
nooooooooooooooooo

Niek
_______________________________________________
Full-Disclosure - We believe in it. 
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 


 _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060104/ebe9e71e/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ