I was getting 13KB last night... It looks like their dogs are in on it, too... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! ----- Original Message ----- From: "John Tolmachoff" <isalist@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Tuesday, September 10, 2002 7:17 AM Subject: [isalist] Re: WinXP Vulnerability http://www.ISAserver.org I think everybody and their brother is downloading right now. I am on a T-1. The transfer rate is at 20 KBS. John Tolmachoff IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Monday, September 09, 2002 8:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: WinXP Vulnerability http://www.ISAserver.org ..and the answer to the question is: Get WinXP SP1 ..now http://download.microsoft.com/download/whistler/SP/SP1/WXP/EN-US/xpsp1_e n_x8 6.exe -- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! "Jim Harrison" <jim.nospam@xxxxxxxxxxxx> wrote in message news:uJ8865DWCHA.3476@xxxxxxxxxxxxxx That's ugly! I tried it on my own system (with a test file, of course), and sure enough; it was gone. Apparently, it's job is to remove the data file that gets created when the hardware help scans your system to upload driver data to MS for the purposes of locating a suitable driver for your new device. -- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the books! "vagabond" <mail@xxxxxxxxx> wrote in message news:u1jFTdDWCHA.2452@xxxxxxxxxxxxxx Just a quick heads-up as most folk here are fairly security conscious. This only applies to WinXP. It is very serious. A quick look at www.grc.com/default.htm and http://www.security.nnov.ru/search/document.asp?docid=3370 outlines the vulnerability. As the exploit is "out" now people may begin to encounter it. There is a detailed discussion of this on the GRC 'Security' newsgroup (news.grc.com). In essence, it deletes files on the clicking or execution of a link, utilising a "feature" of XP's Help Center. -- vagabond (originally posted to isaserver group- is that group going to be wound up as a result of the new structure?) ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')