funsec mailing list archives

RE: Kaspersky strikes again

From: "Hubbard, Dan" <dhubbard () websense com>
Date: Fri, 21 Dec 2007 15:24:17 -0800

Somebody better tell Erakhtin to get moving he has 17 pieces of code to
reverse and is 5 behind Melanov.

 

 

 

 

 

 

 

 

 

From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Young, Keith
Sent: Friday, December 21, 2007 7:39 AM
To: Richard M. Smith; funsec () linuxbox org
Subject: RE: [funsec] Kaspersky strikes again

A faulty signature update from Kaspersky Lab on Wednesday

flagged up Windows Explorer (explorer.exe) as infected with a

low-risk virus, Huhk-C. As a result the core Windows component was

quarantined or worse.

I was visited by a Kaspersky representative a while ago. The person
mentioned that they "detect new viruses every couple of minutes and
release signature updates almost immediately". I was then shown their
real-time detection web site <http://www.kaspersky.com/viruswatch3>.

 

I was then reminded of Dr. Solly's comment about needing 30 days of QA
testing (10+ years ago) for every signature database release, I thought
about how IT infrastructure has become even more complex since then, and
started an internal pool of when issues like this news story would be
common.

 

On a related note:

"We have been working with a small number of customers that reported
issues related to the installation of MS07-069. Specifically, on a
Windows XP Service Pack 2 (SP2)-based computer, Internet Explorer 6 may
stop responding when you try to a visit a web site."

 

<http://blogs.technet.com/msrc/archive/2007/12/18/ms07-069-cumulative-se
curity-update-for-internet-explorer-post-install-issue.aspx>

 

--Keith

Keith Young, Security Official
Department of Technology Services
Montgomery County, Maryland

 

Click here
<https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg==
MgOzE9ygwK6EDOQEE9l1nF44Oh9TY1rO2rR89XeyWDKr06Il6ptIFrO3NOlD6sIZe2jxcBKF
nSG73HkD4WYCWBNeAmdW7XfTlj5GC73FFpuptvxUL82W2kPEXzkSD3mUR0t2vobzdyVYLVTx
4gdXFpJMl!Z0t8I!SP!G9ZB5NRDGj1SW8Cx2VgcC>  to report this email as spam.



 Protected by Websense Messaging Security ? www.websense.com

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

RE: Kaspersky strikes again, (continued)
- - - RE: Kaspersky strikes again Drsolly (Dec 21)
    - RE: Kaspersky strikes again Larry Seltzer (Dec 21)
    - Re: Kaspersky strikes again Dude VanWinkle (Dec 22)
    - Re: Kaspersky strikes again coderman (Dec 21)
    - Re: Kaspersky strikes again silky (Dec 21)
    - Re: Kaspersky strikes again Drsolly (Dec 22)
    - Re: Kaspersky strikes again silky (Dec 22)
    - RE: Kaspersky strikes again Alex Eckelberry (Dec 21)
    - RE: Kaspersky strikes again Peter Kosinar (Dec 21)
- RE: Kaspersky strikes again Young, Keith (Dec 21)
  - RE: Kaspersky strikes again Hubbard, Dan (Dec 21)
- shit happens, et tu, AVG? was Re: Kaspersky strikes again Kitsune (Dec 21)
  - RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again Alex Eckelberry (Dec 21)
    - RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again Drsolly (Dec 21)
    - Re: shit happens, et tu, AVG? was Re: Kaspersky strikes again Valdis . Kletnieks (Dec 21)
    - RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again David Harley (Dec 22)
    - RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again Drsolly (Dec 22)
    - RE: shit happens, et tu, AVG? was Re: Kaspersky strikes again David Harley (Dec 23)
    - Re: shit happens, et tu, AVG? was Re: Kaspersky strikes again Dude VanWinkle (Dec 22)
  - RE: [stuff] happens, et tu, AVG? was Re: Kaspersky strikes again Young, Keith (Dec 21)
- RE: Kaspersky strikes again Daniel H. Renner (Dec 21)

(Thread continues...)