Full Disclosure mailing list archives
Re: Unofficial Microsoft patches help hackers, not security
From: Michael Holstein <michael.holstein () csuohio edu>
Date: Wed, 04 Jan 2006 16:51:47 -0500
This trend does nothing to prove netdev's post however. The situtation that MW shows here, happens all the time. How many people are infected with SDBot, but then apply the correct Microsoft patch to fix the hole. They are still infected....the patch being applied after the fact has no real effect on the security of the system.
Not to mention all the folks that installed the patch (including those that used automated roll-out tools) but didn't reboot the computer.
FWIW, the same is true of the patch to gdi32 and shimgvw. /mike. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Unofficial Microsoft patches help hackers, not security, (continued)
- Re: Unofficial Microsoft patches help hackers, not security Morning Wood (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security bkfsec (Jan 05)
- Re: Unofficial Microsoft patches help hackers, not security Colin (Jan 05)
- Re: Unofficial Microsoft patches help hackers, not security nocfed (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Simon Richter (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Mike Hoye (Jan 04)
- RE: Unofficial Microsoft patches help hackers, not security Christopher Carpenter (Jan 04)
- RE: Unofficial Microsoft patches help hackers, not security Todd Towles (Jan 04)
- RE: Unofficial Microsoft patches help hackers, not security Jason Jones (Jan 04)
- RE: Unofficial Microsoft patches help hackers, not security Todd Towles (Jan 04)
- Re: Unofficial Microsoft patches help hackers, not security Michael Holstein (Jan 04)