funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft to rush out emergency Windows patch today

From: "Jack McCarthy" <funsec () jackmccarthy com>
Date: Thu, 23 Oct 2008 22:32:52 -0400
How? (This is hypothetical here) I am running XPSP2 and my firewall is
on. I don't have file and print sharing on, as is the case with the
overwhelming majority of XPSP2 users.


Change the perspective at which you look at it.  Plant the seed (think 
drive-by, think rouge antivirus/antispyware, think SQL Injection/IFRAME mass 
compromises, malicious SWF/MP3/PDF, rotating banner ads, ...) and *then* let 
it spread (RPC/network propagation).  Could be a major pain-in-the-ass once 
inside a corporate network don't you think?

http://blog.threatexpert.com/2008/10/gimmiva-exploits-zero-day-vulnerability.html

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: