Full Disclosure mailing list archives
OT but related.
From: <dhtml () hush com>
Date: Thu, 31 Jul 2003 17:41:45 -0700
I read Paul's post and that one and can't see two identical sentences. Can you show me one? These look to me to be two individuals who've discovered the same problem by different means

*****

ARE _YOU_ BLIND? Your buddy stole Cooper's message and modified it to make it appear like he did the testing. Probably to justify his non-technical position in the matter as he slowly sinks while surrounded by real techs. Here we go, I shall convert it to braille for you:

RC: "FYI, it is worth reminding people that some patch checking tools don't do a complete check. Windows Update doesn't check files, and it would seem that other products have problems also"

PS: "For the rest of you, testing has shown that some patch management tools are incorrectly reporting that MS03-026 is installed when it's not (notably Windows Update and Update Expert, among others.)

RC: Update Expert (and possibly other such tools) will incorrectly assert you have the patch applied when in fact you don't

RC: Some tools only check for the presence of a registry key indicating that a hotfix was applied. Other tools, such as Shavlik's HFNetchk and MBSA (and others) actually check file details, including a checksum, to verify that the files in play are actually the right versions

PS: If they check the registry (like Windows Update and Update Expert do) they will *incorrectly* report that MS03-026 has been installed when in fact the files have not been updated. If they do MD5 checksums (like Hfnetchk or MBSA), they will correctly report the patch level.

RC: MBSA and eEye's Retina both said the systems *did not* have MS03-026 applied (right).

PS: The Retina tool from eEye (and I would assume the IIS commandline tool as well) is correctly reporting what *is* patched and what is *not* patched, so you need to rely on those to give you accurate information.

RC: While this may be a problem with the way Update Expert deploys Service Pack + Hotfix combinations, it also demonstrates the problem Windows Update has by not being able to examine file details (relying only on registry entries).

PS: You could actually have users going to Windows Update and finding no patches available when in fact they are still vulnerable.

PLAGIARISM ONE OH ONE SAID THE BLIND MAN TO THE DEAF MAN. BUT I AM A REAL TECH SIGNED THE DEAF MAN. I CODE IN SIGN LANGUAGE. CAN I HAVE YOURS.

Paul Smells: http://lists.netsys.com/pipermail/full-disclosure/2003-July/012043.html

Russ Cooper: http://archives.neohapsis.com/archives/ntbugtraq/2003-q3/0076.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html