Security Basics mailing list archives
RE: Detecting new Windows .jpeg exploit
From: "Kenton Smith" <ksmith () chartwelltechnology com>
Date: Fri, 17 Sep 2004 09:45:55 -0600
Unfortunately it isn't even that good. I've run MBSA on a number of machines here and for every one it tells me that it can't confirm whether MS04-28 is installed or not. So I thought, OK, that'll change once it is actually installed... No dice, it can't tell whether it is installed or not even if it's installed. Kenton -----Original Message----- From: Roger A. Grimes [mailto:roger () banneretcs com] Sent: Thursday, September 16, 2004 3:17 PM To: H Carvey; security-basics () securityfocus com Subject: RE: Detecting new Windows .jpeg exploit The problem is slightly more complex than that. MBSA certainly won't tell the whole truth. It will tell whether you have the patch applied, but not whether the vulnerability is closed...because many people are reporting multiple vulnerable copies of the GDI executable. The patch only updates the Windows system version, not every version existing on a computer. If an application is installed that looks for and uses an older version, then you can still be vulnerable. --------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- Detecting new Windows .jpeg exploit Bowes, Ronald (EST) (Sep 15)
- Re: Detecting new Windows .jpeg exploit Miles Stevenson (Sep 16)
- <Possible follow-ups>
- Re: Detecting new Windows .jpeg exploit H Carvey (Sep 16)
- RE: Detecting new Windows .jpeg exploit Bowes, Ronald (EST) (Sep 16)
- RE: Detecting new Windows .jpeg exploit Roger A. Grimes (Sep 16)
- RE: Detecting new Windows .jpeg exploit Kenton Smith (Sep 18)