Information Security News mailing list archives

RE: Microsoft failing security test?


From: InfoSec News <isn () c4i org>
Date: Mon, 14 Jan 2002 03:05:16 -0600 (CST)

Forwarded from: McDonald Patrick <mcdonald_patrick () bah com>

I have to respectfully disagree with Chris Wysopal.

<snip>

"Chris Wysopal, director of research and development for security
company @Stake, argued that an early warning can sometimes actually
hurt security, tipping off malicious attackers to the vulnerability."

<snip>

Does early warning help script kiddies? Most definitely.  However it
also helps admins protect their systems against these attacks.  A
script kiddie can't use an exploit that an admin has prepared against.
Thus the exploit is useless against an informed admin.

We can see this with w00w00's most recent advisory.  w00w00's advisory
did provide script kiddies with a new weapon (the exploit code),
however they also provided protection against it (AIM filter and
restricting incoming requests).  How many of us downloaded AIM filter
the moment we verified the advisory?  Every person who loaded AIM
filter was one less target for the newly armed script kiddies.

Pat

As an afterthought, does anyone else find it interesting that
Microsoft .Net (secure Internet lol) already has its own virus (see
ISN's post titled "Virus writers take an early crack at .Net")?
Microsoft failing the security test, they haven't even bothered to
show up.

-----Original Message-----
From: owner-isn () attrition org [mailto:owner-isn () attrition org]On Behalf
Of InfoSec News
Sent: Friday, January 11, 2002 10:47 AM
To: isn () attrition org
Subject: [ISN] Microsoft failing security test?


http://www.zdnet.com/zdnn/stories/news/0,4586,5101593,00.html?chkpt=zdhpnews01

By Robert Lemos
Special to ZDNet News
January 11, 2002 4:38 AM PT

Microsoft's security initiatives and the release of the company's
"most secure operating system yet" haven't quashed myriad holes that
security experts say put customers in harm's way.

Although the software titan has been touting the need for security
through its Secure Windows Initiative, the recent revelation of a
severe flaw in the company's flagship Windows XP operating
system--combined with the discoveries of several recent Internet
Explorer browser holes--has left security experts questioning whether
Microsoft can fully lock down its products.

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

