lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <6.0.1.1.2.20040322225346.020420e8@mail.comcast.net>
From: macecil at comcast.net (Michael Cecil)
Subject: When do exploits get used?

At 09:07 PM 3/22/2004, Bill Royds said:
 >My daughter had to re-install part of Windows XP from CD because of some
 >disk problems. She forgot to take the machine off the Internet while doing
 >it and was infected immediately by MSBlaster as soon as the CD restored some
 >older DLL code.

You should make her a slipstreamed copy of XP including all the XP updates 
to this point that she can use if she needs to reinstall again.

 >   I wonder if anyone has actually newly connected to the Internet in the
 >last 6 months. Anybody buying a new XP computer that has a network
 >connection will be infected by MSBlaster and find their machines almost
 >unusable. People on this list would probably know how to disable the reboot
 >for RPCS using the Service manager, but most home users would have no idea
 >how to fix the problem. I wonder how many computers are sitting there
 >rebooting every few minutes because of blaster and no one knows what to do.

Not many I imagine.  Vendors don't ship machines to customers with the 
unpatched 2001 verson of XP.  Even small shops selling white boxes have 
enough sense to apply patches for their customers.  Anyone capable of 
building their own computer certainly wouldn't be stopped by such problems.

I think the only possible continuing victims would be those who use their 
restore discs from 2001 to fix some problem.  They would be likely 
candidates for infection.  I guess if they didn't get updated restore 
discs, they'd be taking their machines into local computer shops or calling 
their vendors for help.
-- 
Michael Cecil
macecil@...cast.net
http://home.comcast.net/~macecil/howto/
http://home.comcast.net/~antiviruscd/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ