Message-ID: <81637804AB36A644BBDE3ED9DD4E73FD96CEE8@hermes.eCompany.gov>
From: dcopley at eeye.com (Drew Copley)
Subject: RE: Another Low Blow From Microsoft: MBSA Failure!

BTW, I should note that one user did respond back to my pseudo-challenge
and noted that small businesses like his cannot afford professional
vulnerability assessment solutions.

I apologize for alienating these users. 

To such users: please start using the free Nessus tool. Use MBSA as a
back-up. Check in-person on any suspicious anomalies.




> -----Original Message-----
> From: Drew Copley [mailto:dcopley@...e.com] 
> Sent: Tuesday, February 10, 2004 11:08 AM
> To: dotsecure@...hmail.com; full-disclosure@...ts.netsys.com; 
> bugtraq@...urityfocus.com; 
> patchmanagement@...tserv.patchmanagement.org
> Subject: RE: Another Low Blow From Microsoft: MBSA Failure!
> 
>  
> 
> > -----Original Message-----
> > From: dotsecure@...hmail.com [mailto:dotsecure@...hmail.com]
> > Sent: Tuesday, February 10, 2004 10:21 AM
> > To: full-disclosure@...ts.netsys.com; bugtraq@...urityfocus.com; 
> > patchmanagement@...tserv.patchmanagement.org
> > Subject: Another Low Blow From Microsoft: MBSA Failure!
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Another Low Blow from Microsoft.
> > 
> > Within the last few weeks at our company we have been doing testing to
> > find out the total number of patched machines we have against the latest
> > Messenger Service Vulnerability. After checking a few thousand computers
> > we have found several hundred were still affected even though the patch
> > has been applied. We have scanned with Retina, Foundstone and Qualys
> > tools, which all showed as "VULNERABLE"; however, when we scanned
> > with Microsoft Base Security Analyzer it showed as "NOT VULNERABLE".
> > This was at first confusing; one would think an assessment tool
> > released by the original vendor would actually be accurate
> 
> <snip>
> 
> 
> > 
> > Had we trusted Microsoft Base Analyzer we would still be vulnerable.
> 
> Retina has the same potential functionality as MBSA. We can 
> also do registry and file checks. And, sometimes we do. But, 
> we try to do remote checks that are non-intrusive and that do 
> not use these. A big reason for this is that remote registry 
> and file checks are very unreliable.
> (Far beyond just the fact that someone could fake out the 
> scanner by putting a dummy file or registry entry up there 
> intentionally).
> 
> I don't know anyone that uses MBSA only for their network. It 
> is an interesting toy, but it surely isn't capable of 
> replacing a true vulnerability assessment solution.
> 
> 
> 
> 
> 
> > Questions comments email me at dotsecure@...hamail.com or
> > Aim: Evilkind.
> > 
> > 
> 
> <snip>
> 
> 
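The point made above, that a remote registry or file check on its own is unreliable (a key can be stale or planted, a binary may never have been replaced), as an added illustration that is not code from this thread or from any of the scanners named in it: a toy patch audit that compares a registry-only verdict with one that requires corroborating evidence and reports "UNKNOWN" rather than assuming safety when that evidence is missing. The host records, the version numbers and the `HostEvidence` fields are constructed placeholders, not real Messenger Service hotfix data.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed placeholder: the version the patched binary must be at or above.
# Not a real Microsoft build number for the Messenger Service fix.
REQUIRED_FILE_VERSION: Tuple[int, ...] = (5, 2, 3790, 90)


@dataclass
class HostEvidence:
    """Everything an audit collected for one host (all values constructed)."""
    host: str
    registry_hotfix_present: bool             # hotfix/uninstall key seen via remote registry
    file_version: Optional[Tuple[int, ...]]   # version of the patched binary, None if unreadable
    remote_check_vulnerable: Optional[bool]   # non-intrusive network check, None if not run


def registry_only_verdict(ev: HostEvidence) -> str:
    """A tool that trusts the registry alone: the key exists, therefore 'patched'."""
    return "NOT VULNERABLE" if ev.registry_hotfix_present else "VULNERABLE"


def corroborated_verdict(ev: HostEvidence) -> Tuple[str, List[str]]:
    """Weigh every evidence source. Any direct sign of exposure wins, and
    missing evidence is reported as UNKNOWN instead of being assumed safe."""
    reasons: List[str] = []
    if ev.remote_check_vulnerable is True:
        reasons.append("remote check reproduced the vulnerable behaviour")
    if ev.file_version is not None and ev.file_version < REQUIRED_FILE_VERSION:
        reasons.append(
            f"binary version {ev.file_version} is below required {REQUIRED_FILE_VERSION}"
        )
    if reasons:
        if ev.registry_hotfix_present:
            # The registry disagrees with direct evidence: a conflict to investigate, not proof.
            reasons.append("registry claims the hotfix is installed: treat as conflict")
        return "VULNERABLE", reasons
    if ev.file_version is None and ev.remote_check_vulnerable is None:
        # The registry key is the only evidence left; on its own it proves nothing.
        reasons.append("no file or remote evidence; registry key alone is insufficient")
        return "UNKNOWN", reasons
    if not ev.registry_hotfix_present:
        reasons.append("registry key absent but file/remote evidence shows patched state")
    return "NOT VULNERABLE", reasons


def discrepancies(hosts: List[HostEvidence]) -> List[str]:
    """Hosts where a registry-only tool and the corroborated audit disagree."""
    return [h.host for h in hosts if registry_only_verdict(h) != corroborated_verdict(h)[0]]


# Constructed sample fleet covering the cases the thread describes.
SAMPLE_HOSTS: List[HostEvidence] = [
    HostEvidence("ws-001", True, (5, 2, 3790, 90), False),   # genuinely patched
    HostEvidence("ws-002", True, (5, 2, 3790, 0), True),     # key present, binary never replaced
    HostEvidence("ws-003", False, (5, 2, 3790, 90), False),  # patched, but key missing
    HostEvidence("ws-004", True, None, None),                # registry reachable, nothing else
]


if __name__ == "__main__":
    for h in SAMPLE_HOSTS:
        verdict, why = corroborated_verdict(h)
        print(f"{h.host}: registry-only={registry_only_verdict(h):<14} "
              f"corroborated={verdict:<14} {'; '.join(why)}")
    print("hosts needing in-person follow-up:", discrepancies(SAMPLE_HOSTS))
```

Run as a script it prints one line per host; the hosts in `discrepancies()` are the ones a registry-only tool would have misclassified in either direction, which is exactly the set worth checking in person.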

