Educause Security Discussion mailing list archives

Re: Microsoft IIS security update ms08-006 looks critical to me

From: David Shettler <dshettle () HOLYCROSS EDU>
Date: Tue, 12 Feb 2008 16:59:31 -0500

Given that the vector is not disclosed (never is), it could be such
that the complexity of executing an exploit against said vulnerability
is not conducive to automated propagation.  Without knowing the full
details it is difficult to judge.

Based on the information provided I agree with your position, however.

Dave Shettler
ITS, College of the Holy Cross
Lead Dev. OSVDB

Current thread:

Microsoft IIS security update ms08-006 looks critical to me Gary Flynn (Feb 12)
- <Possible follow-ups>
- Re: Microsoft IIS security update ms08-006 looks critical to me David Shettler (Feb 12)
- Re: Microsoft IIS security update ms08-006 looks critical to me Basgen, Brian (Feb 14)
- Re: Microsoft IIS security update ms08-006 looks critical to me Basgen, Brian (Feb 14)
- Re: Microsoft IIS security update ms08-006 looks critical to me Curt Wilson (Feb 14)
- Re: Microsoft IIS security update ms08-006 looks critical to me Gary Flynn (Feb 15)