Full Disclosure mailing list archives
Re: Unofficial Microsoft patches help hackers, not security
From: Dan Trevino <dantrevino () yahoo com>
Date: Wed, 4 Jan 2006 11:33:10 -0800 (PST)
Er...whether its patched my Microsoft or patched by a hacker, the hacker still has the rootkit installed. Your suggestion is to give the hackers more time to install their rootkits? Brilliant. dan (sorry for the top-posting, not at my normal workstation) ----- Original Message ---- From: Joe Average <yahooinsider () gmail com> To: Niek <niek () asbak coding-slaves com>; full-disclosure () lists grok org uk Sent: Wed 04 Jan 2006 01:49:58 PM EST Subject: Re: [Full-disclosure] Unofficial Microsoft patches help hackers, not security
From my blog:
""[Unofficial patches are available, as is a leaked official patch] [Unofficial patches are merely used by hackers as a tool to patch machines they've compromised, to stop other hackers hacking the same machine, although the machine is still accessable to the hacker.] [The consumer goes along to Windows Update on Tuesday and doesn't think they need a patch, because Microsoft tells them its not needed. Little does the consumer know their machine was patched by a hacker, who now has control over their computer network.]"" It means the unofficial patch is as harmful as the vulnerability and exploit code its self. On 1/4/06, Niek <niek () asbak coding-slaves com> wrote: On 1/4/2006 7:33 PM +0100, Joe Average wrote:
........ The majority of consumers aren't getting your unofficial patches, but you can be sure the hackers are using them, and using them to their advantage.
Yeah hackers are now using the unofficial patch to protect themselves!!! nooooooooooooooooo Niek _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Unofficial Microsoft patches help hackers, not security Joe Average (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Niek (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Joe Average (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Niek (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security gboyce (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Dan Trevino (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Morning Wood (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security ad () heapoverflow com (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Morning Wood (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security bkfsec (Jan 05)
- Re: Unofficial Microsoft patches help hackers, not security Joe Average (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Niek (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Colin (Jan 05)
- <Possible follow-ups>
- RE: Unofficial Microsoft patches help hackers, not security Christopher Carpenter (Jan 04)
- RE: Unofficial Microsoft patches help hackers, not security Todd Towles (Jan 04)