Full Disclosure mailing list archives
RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
From: Gordon Ewasiuk <gordon.ewasiuk () verizon net>
Date: Wed, 13 Aug 2003 01:31:19 -0400 (EDT)
On Wed, 13 Aug 2003, Dennis Heaton wrote:
Date: Wed, 13 Aug 2003 00:25:43 -0400 From: Dennis Heaton <dennish () comcast net> To: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) On the car radio today I heard that the Maryland Dept. of Motor Vehicles was shutdown completely as well as numerous other state and federal agencies in the USA. What is really scary is that many companies or agencies will not report their problems...the IT department does not want to look stupid. So we may never really now the extent of this worm!
Just to pile on... http://www.eweek.com/article2/0,3959,1200038,00.asp "The federal government last week awarded a $90 million contract to Microsoft Corp. to provide the Department of Homeland Security with desktop and server software." Tax dollars at work... " The move could send a signal to enterprises and other software vendors that the government is happy with Microsoft's progress in improving the security of its software. As part of the National Strategy to Secure Cyberspace, which the Bush administration unveiled last year, officials in all agencies of the federal government are supposed to be using their purchasing power to pressure vendors into producing more secure software." I'm not making this up... "The message is meant to be: Make better software, or we'll take our business elsewhere. Microsoft, of Redmond, Wash., has apparently received that message. It has begun a companywide initiative to upgrade the security of its software and has put its Windows 2000 operating system through the government's stringent Common Criteria certification process." Yes, that says "make better software or we'll take our business elsewhere". "The agreement covers approximately 140,000 desktops, which will include standard configuration, Windows XP, Microsoft Office Professional and Core Client Access licenses. According to the department, it will provide for a more standard computing environment and reduce deployment, implementation and maintenance costs." 140,000 possible victims. This was right around the time the DCOM patch was published by M$. Interesting... BTW, the press release announcing the M$ contract mysteriously went missing on dhs.gov. Perhaps it was never there...don't know. Yet, the site has press releases announcing various grants and awards: http://www.dhs.gov/dhspublic/display?content=1090 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd), (continued)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Gerald Cody Bunch (Aug 11)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Richard Stevens (Aug 12)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Mike (Aug 12)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Chris Garrett (Aug 12)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Andrew Simmons (Aug 12)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) gregh (Aug 13)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Richard Stevens (Aug 12)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Lan Guy (Aug 12)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Jonathan Rickman (Aug 12)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Dennis Heaton (Aug 12)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Gordon Ewasiuk (Aug 12)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Jeremiah Cornelius (Aug 13)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Nick FitzGerald (Aug 13)
- RE: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) Joey (Aug 13)
- RE: ISS Security Brief: 'MS Blast' MSRPC DCOM Worm Propagation (fwd) Daniele Muscetta (Aug 14)
- RE: ISS Security Brief: 'MS Blast' MSRPC DCOM Worm Propagation (fwd) Joey (Aug 14)
- RE: ISS Security Brief: 'MS Blast' MSRPC DCOM Worm Propagation (fwd) Daniele Muscetta (Aug 14)
- Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd) morning_wood (Aug 12)
- Blaster: will it spread without tftp? Maarten (Aug 12)
- Re: Blaster: will it spread without tftp? Craig Pratt (Aug 12)