[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MS03-032 Patch Updated or NOT ?

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] MS03-032 Patch Updated or NOT ?
From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 10 Sep 2003 14:23:29 +1200

Elv1S <elvi52001@xxxxxxxxx> wrote:

> on MS website, the security bulletin MS03-032 was updated on sept 8 :
> 
> V1.3 (September 8, 2003): Added information regarding reports that the
> patch provided does not properly correct the Object Type Vulnerability
> (CAN-2002-0532) 
> 
> But after applying the patch, rebooting - and making a test on k-otik :
>  
> http://www.k-otik.com/MS03-032-TEST/
> http://www.k-otik.com/MS03-032-TEST2/
>  
> i'm still vulnerable !!!
>  
> So updated or not ??

Not.

Had you read a little more carefully you may have noted the third paragraph of 
the updated bulletin, which reads, in its entirety:

   Microsoft is investigating these reports and will re-issue this
   bulletin with an updated patch that corrects these problems.

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] MS03-032 Patch Updated or NOT ?
  - From: Elv1S

Prev by Date: RE: [Full-Disclosure] MS03-032 Patch Updated or NOT ?
Next by Date: Re: [Full-Disclosure] MS03-032 Patch Updated or NOT ?
Previous by thread: RE: [Full-Disclosure] MS03-032 Patch Updated or NOT ?
Next by thread: Re: [Full-Disclosure] MS03-032 Patch Updated or NOT ?
Index(es):
- Date
- Thread