Here We Go Again

[NoStop]

Time to get your systems updated (again) kids. Your toy operating system is
once more under attack.

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

"The director of Microsoft's security response center, Debbie Fry Wilson,
said the computer giant was in an "emergency response" mode. "Right now,
we're mobilizing our two war rooms," she told CNN."

 

[Mark Dormer]

yawn

 

[PA Bear]

Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could
Allow Remote Code Execution and Elevation of Privilege:
http://www.microsoft.com/technet/security/advisory/899588.mspx

<QP>
....these worms exploit the
Windows Plug and Play vulnerability remotely only against Windows
2000-based systems...

Other versions of Windows, including Windows XP Service Pack 2 and
Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
variations, and similar worms attempting to exploit the Windows Plug and
Play vulnerability, unless they have already been compromised by other
malicious software. Customers can protect against attacks attempting to
utilize this vulnerability by installing the security updates provided
by the Microsoft Security Bulletin MS05-039 immediately....
</QP>

 

[Brian]

Yup, mine downloaded an important security update.

 

[Alias]

Got the patch last week.

Alias

 

[NoNoBadDog!]

Time to get your systems updated (again) kids. Your toy operating system
is
once more under attack.

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

"The director of Microsoft's security response center, Debbie Fry Wilson,
said the computer giant was in an "emergency response" mode. "Right now,
we're mobilizing our two war rooms," she told CNN."

So, the idiot that refuses to acknowledge or accept the fact that Linux has
vulnerabilities posts another half-a**ed attempt at knocking Windows.

You are stupid enough to think that *nix boxes are not vulnerable.

You quote information out of context.

You haven't got a clue, and couldn't find your own a** with both hands, a
flashlight and a map.

Why don't you simply STFU and disappear from these newsgroups. You have
never contributed anything of value, and your infantile belief in the
invulnerability of **nix shows just how stupid you are.

Did your mother have any children that were not brain-dead at birth?

Bobby

 

[Leythos]

Time to get your systems updated (again) kids. Your toy operating system is
once more under attack.

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

"The director of Microsoft's security response center, Debbie Fry Wilson,
said the computer giant was in an "emergency response" mode. "Right now,
we're mobilizing our two war rooms," she told CNN."

Funny, it seems to have only impacted networks that were not secured
properly in the first place.

 

[Leythos]

Time to get your systems updated (again) kids. Your toy operating system is
once more under attack.

I guess you didn't see all of the Unix service patches to fix exploits
that came out over the last two weeks?

 

[R. McCarty]

What's funny is CNN's coverage. It basically showed the world
their ineptitude with maintaining a secure network. Exploit known,
patch available - nothing done. How about changing the name to
the "Dilbert News Network".

Who wants to bet that CNN's IT operations are outsourced.
The security alert is probably still on some manager's desk at IBM
Global Services waiting for sign-off/approval, to be rolled out to
customers around Labor Day.

 

[Leythos]

What's funny is CNN's coverage. It basically showed the world
their ineptitude with maintaining a secure network. Exploit known,
patch available - nothing done. How about changing the name to
the "Dilbert News Network".

You know, I thought the exact same thing - that any one willing to
expressly go on TV and let the worm/virus writers know they were greatly
impacted must be a moron. Not to mention that it now shows the complete
lack of security they must have!

Who wants to bet that CNN's IT operations are outsourced.
The security alert is probably still on some manager's desk at IBM
Global Services waiting for sign-off/approval, to be rolled out to
customers around Labor Day.

Don't knock outsourced IT, it's off-shore that is the problem. We do
more than 1000 seats remotely across the US and none of our customers
were compromised by the virus/worm.

 

[R. McCarty]

Thanks for the correction, I'll concede that it's offshore that is
the biggest laggard. But I beat up on IBM Global Services due
to 1st-hand experience. I have the greatest respect for the
small, hands-on operations that take their responsibility seriously.
Next time,I'll rephrase the derogatory comments to the real
source of the problems, Off-shored and the "Large/Corporate
IT outfits" that have more bureaucracy than the US Government.

So pardon me for making a Global statement that denigrates all
Outsourcing.

 

[Leythos]

Thanks for the correction, I'll concede that it's offshore that is
the biggest laggard. But I beat up on IBM Global Services due
to 1st-hand experience. I have the greatest respect for the
small, hands-on operations that take their responsibility seriously.
Next time,I'll rephrase the derogatory comments to the real
source of the problems, Off-shored and the "Large/Corporate
IT outfits" that have more bureaucracy than the US Government.

So pardon me for making a Global statement that denigrates all
Outsourcing.

We're fine in that. I figured what you meant and see the same issues
myself - large outsourced companies providing reactionary support or
off-shore companies reading from scripts.

 

[Mike Hall \(MS-MVP\)]

That must really go down well with Big Lou.. he hates outsourcing, Mexicans,
Canadians, his own mother most likely..

 

[R. McCarty]

What I get from this is another of these operations that don't migrate
to the latest OS. I mean most media outlets buy the latest technology.
You would think that maybe XP might offer some beneficial security
and multi-media features they could benefit from.

Maybe Ted Turner gave the IT budget to the United Nations.

 

[NoStop]

Funny, it seems to have only impacted networks that were not secured
properly in the first place.

Nothing funny about it. MickeyMouse only issued the security update on
August 8th. Do you honestly expect millions of computers (half of which in
the corporate world are still running W2K) to be totally secured with
patches on a daily basis? That's one of the major problems Windoze users
face. They need to be babysitting their 'puters daily just to keep them
running. When disaster strikes, in this Wintard crowd, the victims are
blamed because they just didn't babysit their systems enough and the
messenger is attacked because their toy operating system is once again put
into disrepute.

Obviously MickeyMouse finds it enough of a problem to setup "two war rooms",
while Lythos here, just things its "funny".

 

[Jone Doe]

You quoted the wrong line in the post.

Microsoft has a downloadable patch on its security homepage,
Microsoft.com/security.

 

[NoStop]

Funny, it seems to have only impacted networks that were not secured
properly in the first place.

Hey Leythos,

Read this article and then maybe you'll start to get some understanding
about why your simpleton solutions don't fit into the real world.

http://blogs.washingtonpost.com/securityfix/2005/08/as_the_worm_tur.html

 

[Greg Ro]

Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could
Allow Remote Code Execution and Elevation of Privilege:
http://www.microsoft.com/technet/security/advisory/899588.mspx

<QP>
...these worms exploit the
Windows Plug and Play vulnerability remotely only against Windows
2000-based systems...

Other versions of Windows, including Windows XP Service Pack 2 and
Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
variations, and similar worms attempting to exploit the Windows Plug and
Play vulnerability, unless they have already been compromised by other
malicious software. Customers can protect against attacks attempting to
utilize this vulnerability by installing the security updates provided
by the Microsoft Security Bulletin MS05-039 immediately....
</QP>

I guess grc.com knew about this vulnerability a long time ago.
They are just know fixing it? They have a program called unpnp.exe
that will disable it.

See
http://www.grc.com/unpnp/unpnp.htm

Greg Ro

 

[R. McCarty]

Different exploit - Plug-&-Play is different from uPNP or
Universal Plug-&-Play.

 

[Leythos]

Nothing funny about it. MickeyMouse only issued the security update on
August 8th. Do you honestly expect millions of computers (half of which in
the corporate world are still running W2K) to be totally secured with
patches on a daily basis? That's one of the major problems Windoze users
face. They need to be babysitting their 'puters daily just to keep them
running. When disaster strikes, in this Wintard crowd, the victims are
blamed because they just didn't babysit their systems enough and the
messenger is attacked because their toy operating system is once again put
into disrepute.

Obviously MickeyMouse finds it enough of a problem to setup "two war rooms",
while Lythos here, just things its "funny".

Patched or not, they should not have had exposure to the virus, which
means that their networks would have been properly secured, which means
they would not have been infected.

We have more than 1000 nodes between the east and west coast and not one
compromise.