Is Zotob A MS Plot . . . .

[kurttrail]

.. . . . To get their Corporate Customers to upgrade to XPSP2 & later to
upgrade to Shorthorn?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[Vagabond Software]

. . . . To get their Corporate Customers to upgrade to XPSP2 & later to
upgrade to Shorthorn?

--

I doubt it. It didn't even work to upgrade one particular corporate
customer to Windows 2000 SP4 from SP3. They (the customer) just paid the
$150,000 for the patch on SP3.

Carl

 

[kurttrail]

I doubt it. It didn't even work to upgrade one particular corporate
customer to Windows 2000 SP4 from SP3. They (the customer) just paid
the $150,000 for the patch on SP3.

LOL! MS will find a way to profit from Zotob, one way or another!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[Alias]

LOL! MS will find a way to profit from Zotob, one way or another!

As will many computer repair firms.

Alias

 

[Vagabond Software]

LOL! MS will find a way to profit from Zotob, one way or another!

--

Well, computers users are kind of like drivers. They'll just keep paying
whatever companies charge as long as they don't have to change their habits.

It's hard to find too much fault with the companies that profit by catering
to the consumer's preferences.

Carl

 

[kurttrail]

As will many computer repair firms.

Alias

Yeah, but those repair firms bad code didn't create the security hole in
the first place.

MS is, in effect, profiting from its own mistakes.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[Steve N.]

. . . . To get their Corporate Customers to upgrade to XPSP2 & later to
upgrade to Shorthorn?

Rediculous idea. If it was then Zotob would'nt only target Win2 OS.

Steve

 

[kurttrail]

Well, computers users are kind of like drivers. They'll just keep
paying whatever companies charge as long as they don't have to change
their habits.
It's hard to find too much fault with the companies that profit by
catering to the consumer's preferences.

Profiteering from its coding blunders seems to be a bit extortionate to
me. MS should be offering the patch to cover its security whole for
free.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[kurttrail]

Rediculous idea. If it was then Zotob would'nt only target Win2 OS.

Steve

According to CNN, which got hit, some older than XP versions were
affected.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[Vagabond Software]

Profiteering from its coding blunders seems to be a bit extortionate to
me. MS should be offering the patch to cover its security whole for free.

--

They did provide a patch for free... a week before there were any known
instances of the exploits in the user community. I have clients running
Windows 2000 workstations, and none of them have been affected by this
problem... and one client with nine Windows 2000 workstations hasn't even
been patched yet!

Wow! Amazing! It's a miracle! Maybe the divine hand of God came down and
touched little old me, or perhaps He is defending my clients' workstations
with a pillar of fire! Or perhaps network security is configured
correctly... the same way it would be configured whether my client was using
Windows or Linux.

Carl

 

[Steve N.]

Sorry. That should have read "only target Win2K OS."

According to CNN, which got hit, some older than XP versions were
affected.

http://www.f-secure.com/v-descs/zotob_a.shtml

"The exploit uses fixed offsets inside Windows 2000 version of
umpnpmgr.dll. This means that only Windows 2000 systems (SP0-4) are
affected."

http://vil.nai.com/vil/content/v_135433.htm

"This self-executing worm spreads by exploiting Windows2000 MS05-039
vulnerable systems in order to instruct those systems to download and
execute the worm."

Steve

 

[Alias]

Sorry. That should have read "only target Win2K OS."



http://www.f-secure.com/v-descs/zotob_a.shtml

"The exploit uses fixed offsets inside Windows 2000 version of
umpnpmgr.dll. This means that only Windows 2000 systems (SP0-4) are
affected."

http://vil.nai.com/vil/content/v_135433.htm

"This self-executing worm spreads by exploiting Windows2000 MS05-039
vulnerable systems in order to instruct those systems to download and
execute the worm."

Steve

Then why was there a patch for XP? Or was there?

Alias, scratching his head.

 

[kurttrail]

They did provide a patch for free... a week before there were any
known instances of the exploits in the user community. <snip>

"They (the customer) just paid the $150,000 for the patch on SP3."

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[kurttrail]

Sorry. That should have read "only target Win2K OS."



http://www.f-secure.com/v-descs/zotob_a.shtml

"The exploit uses fixed offsets inside Windows 2000 version of
umpnpmgr.dll. This means that only Windows 2000 systems (SP0-4) are
affected."

http://vil.nai.com/vil/content/v_135433.htm

"This self-executing worm spreads by exploiting Windows2000 MS05-039
vulnerable systems in order to instruct those systems to download and
execute the worm."

http://securityresponse.symantec.com/avcenter/venc/data/w32.zotob.b.html

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[Steve N.]

Then why was there a patch for XP? Or was there?

Alias, scratching his head.

There is a patch for the same class of vulnerability present in other
Win OSes, but this particular worm is specifically targetting Win2K. It
can be launched from other Win OSes but not infect them.

Steve

 

[Vagabond Software]

"They (the customer) just paid the $150,000 for the patch on SP3."

--

Well, I shouldn't have said "the customer"... The end-users' IT service
provider paid $150,000 to patch their operating system. Why? Because they
insist on running an unsupported operating system, which is Windows 2000
SP3. Why? Because they moved their Technicians to an hourly rate to save
money during slow periods.

Even though the IT firm would pay nothing to Microsoft to upgrade to Windows
2000 SP4, a supported operating system, they would have to pay those hourly
technicians to "touch" a helluva lot of machines. So, this IT firm has made
the calculated decision that it is cheaper to pay Microsoft for patches to
an unsupported operating system than it is to pay the Technicians an hourly
rate.

I know this doesn't fit well in your world view, but the progressive IT
firms that actually train their technicians and pay them to manage their
clients' networks never seem to get hit with these problems. Meanwhile, the
reactionary IT firms almost ALWAYS get hit by each and every one of these
problems because they only dispatch technicians to FIX problems AFTER they
are reported.

Carl

 

[George]

http://securityresponse.symantec.com/avcenter/venc/data/w32.zotob.b.html

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

kurtrail,

For once I agree with you! I believe this is no different than the
government trying to slow down home sales so they raise the interest rate.
When that didn't work gas goes up 30 cents a gallon and we all have less
money because of it. Think that will slow home sales?

Think more people will turn on Automatic Updates now? I do! Just think
Vista is on the way to save us all from the evil doers of this world

It is interesting as I said the same thing about the last nasty worm that
came around and started all of this stuff where MS put on their website
about the three steps to protecting yourself. Do I believe they gain from
this, yes!!

However, good test to see if you are managing your PC correctly....

George

 

[Steve N.]

http://securityresponse.symantec.com/avcenter/venc/data/w32.zotob.b.html

Yes, I have read that.

The Symantec writeup fails to mention that it only directly exploits the
MS05-039 vulnerability in Windows2000. Other Windows platforms can
execute and launch the worm but themselves do not get infected or
exploited by it.

Steve

 

[kurttrail]

Yes, I have read that.

The Symantec writeup fails to mention that it only directly exploits
the MS05-039 vulnerability in Windows2000. Other Windows platforms can
execute and launch the worm but themselves do not get infected or
exploited by it.

Steve

Doesn't matter as my point is that MS will use this worm to get corps
that have been reluctant to upgrade.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

 

[Fuzzy Logic]

. . . . To get their Corporate Customers to upgrade to XPSP2 & later to
upgrade to Shorthorn?

It's a conspiracy. All software vendors delight in writing bad code so that
you are forced to spend all your free time patching your operating system
and applications.

For example look at the holes that CERT considered important for the WEEK of
August 3-9:

http://www.us-cert.gov/cas/bulletins/SB05-222.html

That's only the tip of the iceberg:

http://www.securityfocus.com/vulnerabilities

Best to stay away from computers entirely!