Re: Issue with Microsoft WindowsUpdate/MicrosoftUpdate

["Young, Keith" <Keith.Young () montgomerycountymd gov>]

> Just a quick OT question.  I can understand obfuscating malware 
> links in order to allow email filters to let messages through 
> (though we should have all whitelisted the mailing lists we are 
> on) and I can understand doing it to prevent the inadvertent brain 
> fail and unintentional click.
>
> Why is it necessary to do so for Microsoft's update URLs?

For one simple reason: this is a public mailing list, I am a (somewhat)
untrusted sender, and I didn't want readers to think that I could be
(through html/javascript) redirecting them to
"update.microsoft.com.evil.web.site/v6/blah/blah/...". 

Then again, anyone clicking on links from public mailing lists sent by
untrusted senders probably (hopefully??) already turned off
html/javascript in their e-mails already.

--Keith

Keith Young, Security Official
Department of Technology Services
Montgomery County, Maryland
phone - (240) 777-2955 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.