[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4080940E.3090600@onryou.com>
From: lists2 at onryou.com (Cael Abal)
Subject: While we're on the subject of Microsoft and their patches...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I was reading the details of the 820291 Recommended Update (which is,
oddly enough, a 1.0 MB patch implementing an additional Start Menu icon
and associated help files) here:
http://support.microsoft.com/?kbid=820291
When I noticed the following blurb which seems to be attached to all MS
patches, but I'd never bothered to read:
- ---snip---
Microsoft scanned this file for viruses. Microsoft used the most current
virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file. The English version of
this fix has the file attributes (or later) that are listed in the
following table. The dates and times for these files are listed in
coordinated universal time (UTC). When you view the file information, it
is converted to local time. To find the difference between UTC and local
time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name
- -----------------------------------------------------------
29-May-2003 15:47 5.1.2600.1228 579,584 Appwiz.cpl
12-May-2003 01:12 6.0.2800.1221 996,352 Explorer.exe
12-May-2003 01:13 5.1.2600.1221 33,792 Shmgrate.exe
01-May-2003 21:37 20,223 Spad.chm
- ---snip---
This is pretty silly -- they go out of their way to assure us their
patches don't appear to contain viruses and that they are kept on
'security-enhanced servers that help to prevent any unauthorized
changes', even going so far as to giving us date stamps, file sizes, and
version numbers... But no md5 or sha-1 sums? If memory serves me
right, even the Jerusalem virus preserved date stamps.
Welcome to the '80s!
Cael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
iD8DBQFAgJQOR2vQ2HfQHfsRAhyiAKDH616rJ8Y6yA2OlDWaGbI3djcqGACfaDop
j1zpt4y8U5+i0qgnWYys/nI=
=EbvE
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists