Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MS06-019 - How long before this develops into a self propagating email worm

From: David Taylor <ltr () isc upenn edu>
Date: Wed, 10 May 2006 10:37:35 -0400
One of the things that makes this a bit more dangerous is that the patch
causes problems so people are more reluctant to install the patch until they
see what problems others are having.  This could be interesting.


On 5/10/06 6:26 AM, "schanulleke.29172787 () bloglines com"
<schanulleke.29172787 () bloglines com> wrote:


All,

I have read the Microsoft advisory and the alarm bells started to
whistle ;)

As fas a I can read this open the door to fully self propagating
email worms with whatever payload you desire.

Yet, sans.org, symantec and
us-cert.gov still have their threat levels on 1.

What am I missing, surely
this superseeds the IE7 0-day action (sorry couldn't resist).

Schanulleke


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security
Philadelphia PA USA
(215) 898-1236
http://www.upenn.edu/computing/security/
==================================================

Penn Information Security RSS feed
http://www.upenn.edu/computing/security/rss/rssfeed.xml
Add link to your favorite RSS reader



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: