|
Grex > Agora46 > #128: Stupid liberals and Micro$oft crap code. | |
|
| Author |
Message |
| 13 new of 62 responses total. |
tod
|
|
response 50 of 62:
| 
Aug 13 21:57 UTC 2003 |
This response has been erased.
|
pvn
|
|
response 51 of 62:
|
Aug 14 04:03 UTC 2003 |
re#39: Have you patched your NT4.0 for the DCOM Rpc vulnerability? Or
didn't you notice its now on the list...
re#42&43: Not directly, but if you are on a network with M$ users the
potential for problems is there, especially if infrastructure such as
DNS servers or DHCP servers run on vulnerable M$ OS.
Also current thinking is that the current M$ critical patch only patches
one vulnerability and either creates a new one, there was one hidden, or
there was an unnoticed one. Symptom is supposedly patched system
rebooting when attacked. The truely paranoid are thinking that the
scheduled DDOS attack this weekend is the one of a one two punch - they
suspect there is a second exploit scheduled to be triggered during the
DDOS attack preventing M$ users from downloading a patch against it.
Also the current worm is polite enough to warn you that you have 60
seconds... Immediately set your date to a year or more ago and proceed
with the cleanup at your leasure (but do it quickly). All the major
vendors have free cleanup tools that seem to work. VPN users who's
software vendor supposedly protects you via a 'shim' at a low level
should be aware that you are totally vulnerable during the
authentication and setup phase - I have personally seen an infection of
dialup user during this small open window.
Update now, its already too late.
|
polytarp
|
|
response 52 of 62:
|
Aug 14 10:12 UTC 2003 |
* sniiiiiiiiif *
hu
* snuff*
"[Thick] Asiatic eyebrows, encrusted with latex au opium..."
"O, "
"O, pee-U",, O-P-U-Um.
|
gull
|
|
response 53 of 62:
|
Aug 14 14:29 UTC 2003 |
Re #51: Most of the NT 4.0 systems have been patched. None of our
Windows systems provide Internet services, and they're all firewalled
off, so it's not urgent to patch them all immediately. The last Windows
system we had providing an Internet service to the outside world was our
IIS web server, which we replaced with a Linux system running Apache not
long after Code Red. (Not as a direct result, though. We'd been
planning it for some time.)
|
lynne
|
|
response 54 of 62:
|
Aug 14 15:02 UTC 2003 |
Nobody bothers infecting WinMe anymore--doesn't irritate enough people.
If I weren't so lazy, I might go check manually for patches, but I'm
enough of a control freak that I'd want to go through and examine each
update before installing--dunno if windows update offers this option
or not. I use pine almost exclusively for mail, so viruses aren't a
problem.
|
scott
|
|
response 55 of 62:
|
Aug 14 16:26 UTC 2003 |
well, then at least back your stuff up.
|
gull
|
|
response 56 of 62:
|
Aug 14 19:30 UTC 2003 |
Windows Update does give you the opportuity to individually approve or
decline updates.
|
tod
|
|
response 57 of 62:
|
Aug 14 19:43 UTC 2003 |
This response has been erased.
|
russ
|
|
response 58 of 62:
|
Aug 16 01:37 UTC 2003 |
You mean, it's too late for anyone dumb enough to run an M$ OS.
|
scott
|
|
response 59 of 62:
|
Aug 16 01:44 UTC 2003 |
Re 57: There's a blurb over on the Register about an MS patch for WinNT which
was apparently worse than the hole it was trying to fix. A new patch fixes
that patch.
|
polytarp
|
|
response 60 of 62:
|
Aug 16 15:51 UTC 2003 |
Fucking opium addicts.
|
lynne
|
|
response 61 of 62:
|
Aug 16 17:56 UTC 2003 |
What polytarp said. :)
I tend not to upgrade unless there's a dire need for it. Somewhere between
not trusting MS and not fixing what ain't broken lies the reason...Yes, I
backup files pretty regularly. In fact, that reminds me...
|
gull
|
|
response 62 of 62:
|
Aug 16 20:16 UTC 2003 |
Re #57: Some patches have side effects. Installing Q328310 for Windows
NT 4.0, for example, causes random bluescreens on most (but not all) of
the machines at work.
|