[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4E95C7A1E07DF542A694DBE1158547AF057802@trinity.win2k.kerrysteele.com>
From: ksteele at securitypenetration.com (Kerry Steele)
Subject: recent RPC/DCOM worm thought
Interesting thought, but I would have to say that it really goes deeper
than that.
If Microsoft were as evil an empire as they are perceived to be, then
wouldn't they already have the backdoor to your system to apply the
patch anyway? If so then why go throught the pain in the ass to write a
shotty worm and draw bad publicity to the company?
Think about the anti-virus companies and, well, every security software
product out there, that is racing to be the "first" to detect or
remediate X new variant of the worm. What an opportunity for market
traction and visibility, wouldn't you say?
My USD 0.02.
Cheers,
Kerry
-----Original Message-----
From: Eichert, Diana [mailto:deicher@...dia.gov]
Sent: Wednesday, August 13, 2003 7:42 AM
To: 'full-disclosure@...ts.netsys.com'
Subject: [Full-Disclosure] recent RPC/DCOM worm thought
I've been thinking about how "poorly" this worm was
written and how it really wasn't very malicious, just
very time consuming, forcing people/companies to
install patches to their systems.
Now here's an alternative thought about it.
What if "someone" purposely wrote this worm to get
the attention of people to patch their systems, not
to DOS the mickeysoft upgrade site. If they really
wanted to create a DOS against a website they wouldn't
have postponed it for 4 days. That's a long time in
today's world.
I mean if you were mickeysoft and there was a known
security hole wouldn't it be in you best interest to
have the first real exploit of it be relatively benign?
It gets everyone's attention and they are forced to
install the latest security patch.
anyway, my US$.02 worth
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists