[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] MS06-019 - How long before this develops into a self propagating email worm
- To: <schanulleke.29172787@xxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] MS06-019 - How long before this develops into a self propagating email worm
- From: David Taylor <ltr@xxxxxxxxxxxxx>
- Date: Wed, 10 May 2006 10:37:35 -0400
One of the things that makes this a bit more dangerous is that the patch
causes problems so people are more reluctant to install the patch until they
see what problems others are having. This could be interesting.
On 5/10/06 6:26 AM, "schanulleke.29172787@xxxxxxxxxxxxx"
<schanulleke.29172787@xxxxxxxxxxxxx> wrote:
> All,
>
> I have read the Microsoft advisory and the alarm bells started to
> whistle ;)
>
> As fas a I can read this open the door to fully self propagating
> email worms with whatever payload you desire.
>
> Yet, sans.org, symantec and
> us-cert.gov still have their threat levels on 1.
>
> What am I missing, surely
> this superseeds the IE7 0-day action (sorry couldn't resist).
>
> Schanulleke
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security
Philadelphia PA USA
(215) 898-1236
http://www.upenn.edu/computing/security/
==================================================
Penn Information Security RSS feed
http://www.upenn.edu/computing/security/rss/rssfeed.xml
Add link to your favorite RSS reader
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/