Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Unofficial Microsoft patches help hackers, not security
From: Dan Trevino <dantrevino () yahoo com>
Date: Wed, 4 Jan 2006 11:33:10 -0800 (PST)


Er...whether its patched my Microsoft or patched by a hacker, the hacker still has the rootkit installed.  Your 
suggestion is to give the hackers more time to install their rootkits?  Brilliant. 
  
dan  
  (sorry for the top-posting, not at my normal workstation)

----- Original Message ----
From: Joe Average <yahooinsider () gmail com>
To: Niek <niek () asbak coding-slaves com>; full-disclosure () lists grok org uk
Sent: Wed 04 Jan 2006 01:49:58 PM EST
Subject: Re: [Full-disclosure] Unofficial Microsoft patches help hackers, not security

From my blog:
  
 ""[Unofficial patches are available, as is a leaked official patch] [Unofficial patches are merely used by hackers as 
a tool to patch machines they've compromised, to stop other hackers hacking the same machine, although the machine is 
still accessable to the hacker.] [The consumer goes along to Windows Update on Tuesday and doesn't think they need a 
patch, because Microsoft tells them its not needed. Little does the consumer know their machine was patched by a 
hacker, who now has control over their computer network.]"" 
  
 It means the unofficial patch is as harmful as the vulnerability and exploit code its self.

 
 On 1/4/06, Niek <niek () asbak coding-slaves com> wrote: On 1/4/2006 7:33 PM +0100, Joe Average wrote:
........ The majority of consumers aren't
getting your unofficial patches, but you can be sure the hackers are using 
them, and using them to their advantage.

Yeah hackers are now using the unofficial patch to protect themselves!!!
nooooooooooooooooo

Niek
_______________________________________________
Full-Disclosure - We believe in it. 
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 


 _______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]