<< If you have a system that is not patched against this threat, you will be pwned in the same fashion as the MS05-039 exploit spread like wildfire -- that was my point.
How? (This is hypothetical here) I am running XPSP2 and my firewall is on. I don't have file and print sharing on, as is the case with the overwhelming majority of XPSP2 users. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -----Original Message----- From: Paul Ferguson [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 9:06 PM To: Larry Seltzer Cc: Juha-Matti Laurio; [email protected] Subject: Re: [funsec] Microsoft to rush out emergency Windows patch today -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Oct 23, 2008 at 4:58 PM, Larry Seltzer <[EMAIL PROTECTED]> wrote: > IIRC, MS05-039 didn't hit XP SP2 users as hard as those of earlier > versions for the same reasons MS08-067 doesn't. Back then XPSP2 was > relatively new, about a year old and met with a lot of resistance, so > the world was full of vulnerable systems. How many pre-XP SP2 systems > are out there in the wild now? (And not already massively infected with > something?) > Doesn't matter, red herring. If you have a system that is not patched against this threat, you will be pwned in the same fashion as the MS05-039 exploit spread like wildfire -- that was my point. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFJAR+Lq1pz9mNUZTMRAmVWAJ97OyZdEx0WZRngkKCY96qsu/ujrACfSNtT 5/vLeB+ZH6OvdSP7rkVA1rM= =oBA2 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
