[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200308010041.h710fjG2038497@mailserver1.hushmail.com>
From: dhtml at hush.com (dhtml@...h.com)
Subject: OT but related.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I read Paul's post and that one and can't
see two identical sentences.
Can you show me one? These look to me
to be two individuals who've discovered
the same problem by different means
*****
ARE _YOU_ BLIND? You're buddy stole Cooper's message and modified it
to make it appear like he did the testing. Probably to justify his non-
technical position in the matter as he slowly sinks while surrounded
by real techs. Here we go, I shall convert it to braille for you:
RC: "FYI, it is worth reminding people that some patch checking tools
don't do a complete check. Windows Update doesn't check files, and it
would seem that other products have problems also"
PS: "For the rest of you, testing has shown that some patch management
tools are incorrectly reporting that MS03-026 is installed when it's
not
(notably Windows Update and Update Expert, among others.)
RC: Update Expert (and possibly other such tools) will incorrectly assert
you have the patch applied when in fact you don't
RC: Some tools only check for the presence of a registry key indicating
that a hotfix was applied. Other tools, such as Shavlik's HFNetchk and
MBSA (and others) actually check file details, including a checksum,
to verify that the files in play are actually the right versions
PS: If theycheck the registry (like Windows Update and Update Expert
do) they will *incorrectly* report that MS03-026 has been installed when
if fact the files have not been updated. If they do MD5 checksums (like
Hfnetchk or MBSA), they will correctly report the patch level.
RC: MBSA and eEye's Retina both said the systems *did not* have MS03-
026 applied (right).
PS: The Retina tool from eEye (and I would assume the IIS commandline
tool as well) is correctly reporting what *is* patched and what is *not*
patched, so you need to rely on those to give you accurate information.
RC: While this may be a problem with the way Update Expert deploys Service
Pack + Hotfix combinations, it also demonstrates the problem Windows
Update has by not being able to examine file details (relying only on
registry entries).
PS: You could actually have users going to Windows Update and finding
no
patches available when in fact they are still vulnerable.
PLAGIARISM ONE OH ONE SAID THE BLIND MAN TO THE DEAF MAN. BUT I AM A
REAL TECH SIGNED THE DEAF MAN. I CODE IN SIGN LANGUAGE. CAN I HAVE YOURS.
Paul Smells: http://lists.netsys.com/pipermail/full-disclosure/2003-July/012043.html
Russ Cooper: http://archives.neohapsis.com/archives/ntbugtraq/2003-q3/0076.html
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3
wkYEARECAAYFAj8ptygACgkQTAj0ZSCgbx5VXwCdFvHe1aYqjisT+D3PnX/M2+p8tNoA
n0sMUnZPbRb3GZWFLUuvBcOdLk4+
=jq72
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists