Re: MS06-019 - How long before this develops into a self propagating email worm

[n3td3v <n3td3v () gmail com>]

On 5/11/06, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:
> On Thu, 11 May 2006 19:15:50 BST, n3td3v said:
>
> > "Thereeeeeees zero-day in the wild, you're going to get haaaaaxx3d"
>
> It's more like "We now know about a zero-day that's been on the loose
> for some unknown amount of time, and you may already be hax0red. And if
> you haven't, you probably will be as soon as the script kiddies who are
> even more lame than our security professionals find the zero-day. HAND".

Code alone is not a threat. Its obvious these security companies never
have specific intelligence of worms being planned. All they can base
their threat meters on is a generalization.

Which one is the threat:

"A gun store has opened on the corner, someone might buy a gun and shoot"

or

"I overheard a conversation that johnny average is annoyed at bob and
spoke about revenge, he's really into guns, and a gun store has just
opened on the corner, johnny is mentally unstable, and he's really
good at hitting his targets, he shot someone in the past but no one
told the police."

Regardz,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/