[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws
- To: "'full-disclosure@xxxxxxxxxxxxxxxx'" <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws
- From: "Ferris, Robin" <R.Ferris@xxxxxxxxxxxx>
- Date: Fri, 26 Sep 2003 16:42:01 +0100
would it have been possable to actually replace these files manually and the
PC therefore be "patched" so to speak?
-----Original Message-----
From: Gary Flynn [mailto:flynngn@xxxxxxx]
Sent: 26 September 2003 15:40
To: Ferris, Robin
Cc: 'full-disclosure@xxxxxxxxxxxxxxxx'
Subject: Re: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for
Windo ws
Ferris, Robin wrote:
> I have not yet verified if the files were installed or not and thats a
very
> good point. I didnt and still dont know what files it changed or installed
> for the ms03-026. What are they?
MS03-026:
http://support.microsoft.com/?kbid=823980
> However the eeye scanner has always proved to be correct thus far, in all
> the cases that I have tried it on. As we use a standard image here it
would
> be odd that the patch is "ineffective" in that configuration (PATH?) I
think
> it is because the patch as has been noted is not always effective.
--
Gary Flynn
Security Engineer - Technical Services
James Madison University
Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html