Home page logo

bugtraq logo Bugtraq mailing list archives

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
From: "Stan Bubrouski" <stan.bubrouski () gmail com>
Date: Thu, 13 Apr 2006 14:59:18 -0400

On 4/13/06, Brandon S. Allbery KF8NH <allbery () ece cmu edu> wrote:

On Apr 13, 2006, at 1:29 , Dave Korn wrote:

  Hey, guess what I just found out:  Microsoft have deliberately
their DNS client's hosts table lookup functionality.

I thought this was part of avoiding malware attempts to block Windows

How bypassing blocking of go.microsoft.com affects windowsupdate I
don't know.  Been a while since I looked at windows update at all, but
doesn't it download files from mirrors anyways?  And even if it didn't
are the files actually downloaded from go.microsoft.com?  Either way
it appears Dave is right, which makes me wonder if there isn't another
greater purpose aside form WMP updates.  Like assured tracking of
users for other nefarious and monopolistic purposes.

Best Regards,

brandon s. allbery     [linux,solaris,freebsd,perl]
allbery () kf8nh com
system administrator  [openafs,heimdal,too many hats]
allbery () ece cmu edu
electrical and computer engineering, carnegie mellon university

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]