Full Disclosure mailing list archives
Re: The MSBlast Conspiracy Theory
From: Joey <joey2cool () yahoo com>
Date: Fri, 15 Aug 2003 00:52:57 -0700 (PDT)
This was such a benign implementation of the serious DCOM security risk, that my conspiracy theory is ... Microsoft had this worm released on purpose in an attempt to get everyone to patch their machines before a really threatening version was released.
It used dcom.c's bindshell and the transfer method was TFTP. I don't think Microsoft was behind MSBlast, and they were probably afraid when it was released. Worms get more exposure than just security flaws.
Any of these would cause so much harm to Microsoft from the lawsuits and lost business, that they couldn't afford to let it remain out there, thus the conspiracy theory arises.
Microsoft just got lucky. The possibility of a harder worm is still out there but it wont effect as many as it would have before MSBlast. This also is a good example how home users(obvious) dont patch windows and how microsoft has yet another vulnerable service, but this time it wasnt IIS. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- The MSBlast Conspiracy Theory Weezer Hutchins (Aug 14)
- Re: The MSBlast Conspiracy Theory Brad Pryce (Aug 15)
- Re: The MSBlast Conspiracy Theory Joey (Aug 15)
- Re: The MSBlast Conspiracy Theory Jeremiah Cornelius (Aug 15)
- Re: The MSBlast Conspiracy Theory Mike Vasquez (Aug 15)
- <Possible follow-ups>
- RE: The MSBlast Conspiracy Theory Noble, Jim (Aug 15)
- RE: The MSBlast Conspiracy Theory Dark-Avenger (Aug 15)