http://www.ISAserver.org ------------------------------------------------------- Indeed. And though you don't have the same "host OS" issues with ESX as you do with Virt PC, etc, when you consider ESX's ability to intercept IP calls from one guest to another and re-route them directly to the guest without traversing the IP stack, one can't help but wonder what sort of injection issues are possible - i.e., fuzzing the guest stack to make the host puke... t > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > Sent: Tuesday, August 14, 2007 1:53 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 - > Important: Vulnerability in Virtual PC and Virtual Server Could Allow > Elevation of Privilege (937986) > > http://www.ISAserver.org > ------------------------------------------------------- > > Never say never. > Code may be made "more secure", but there's always someone out there > capable of finding "the one".' > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] > On Behalf Of Steve Moffat > Sent: Tuesday, August 14, 2007 12:53 PM > To: ISA Mailing List > Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 - > Important: > Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of > Privilege (937986) > > Never....:) > > > > > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] > On Behalf Of Amy Babinchak > Sent: Tuesday, August 14, 2007 4:34 PM > To: ISA Mailing List > Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 - > Important: > Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of > Privilege (937986) > > > > yet > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] > On Behalf Of Steve Moffat > Sent: Tuesday, August 14, 2007 2:45 PM > To: ISA Mailing List > Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 - > Important: > Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of > Privilege (937986) > > > > ESX rules BTW..........no issues there...J > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] > On Behalf Of Thomas W Shinder > Sent: Tuesday, August 14, 2007 3:15 PM > To: ISA Mailing List > Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 - > Important: > Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of > Privilege (937986) > > > > This is "why" :) > > > > Thomas W Shinder, M.D. > Site: www.isaserver.org <http://www.isaserver.org/> > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- Microsoft Firewalls (ISA) > > > > > > ________________________________ > > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder > Sent: Tuesday, August 14, 2007 1:04 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Microsoft Security Bulletin MS07-049 - > Important: Vulnerability in Virtual PC and Virtual Server Could Allow > Elevation of Privilege (937986) > > This is way we don't put Firewalls in VMs: > > Microsoft Security Bulletin MS07-049 - Important: Vulnerability > in Virtual PC and Virtual Server Could Allow Elevation of Privilege > (937986): > http://www.microsoft.com/technet/security/Bulletin/ms07-049.mspx > > > All mail to and from this domain is GFI-scanned. > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx