Re: WinXP Vulnerability

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 10 Sep 2002 07:22:36 -0700

I was getting 13KB last night...
It looks like their dogs are in on it, too...

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the books!

----- Original Message -----
From: "John Tolmachoff" <isalist@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, September 10, 2002 7:17 AM
Subject: [isalist] Re: WinXP Vulnerability


http://www.ISAserver.org


I think everybody and their brother is downloading right now.

I am on a T-1. The transfer rate is at 20 KBS.

John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, September 09, 2002 8:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: WinXP Vulnerability

http://www.ISAserver.org


..and the answer to the question is:
Get WinXP SP1
..now

http://download.microsoft.com/download/whistler/SP/SP1/WXP/EN-US/xpsp1_e
n_x8
6.exe

--
 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the books!

"Jim Harrison" <jim.nospam@xxxxxxxxxxxx> wrote in message
news:uJ8865DWCHA.3476@xxxxxxxxxxxxxx
That's ugly!
I tried it on my own system (with a test file, of course), and sure
enough;
it was gone.
Apparently, it's job is to remove the data file that gets created when
the
hardware help scans your system to upload driver data to MS for the
purposes
of locating a suitable driver for your new device.

--
 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the books!

"vagabond" <mail@xxxxxxxxx> wrote in message
news:u1jFTdDWCHA.2452@xxxxxxxxxxxxxx
Just a quick heads-up as most folk here are fairly security conscious.
This
only applies to WinXP.  It is very serious.

A quick look at www.grc.com/default.htm and
http://www.security.nnov.ru/search/document.asp?docid=3370 outlines the
vulnerability.

As the exploit is "out" now people may begin to encounter it.  There is
a
detailed discussion of this on the GRC 'Security' newsgroup
(news.grc.com).

In essence, it deletes files on the clicking or execution of a link,
utilising a "feature" of XP's Help Center.


--


vagabond
(originally posted to isaserver group- is that group going to be wound
up as
a result of the new structure?)









------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2002