WebApp Sec mailing list archives
Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day
From: Christopher Canova <ccanova () reachone com>
Date: Thu, 18 Aug 2005 18:57:02 -0700
F Lace wrote:
Only if they make their patches work better. I get a blue screen with few of the patches, a similar description is found at: http://www.geekstogo.com/forum/Fatal_Errors_Upon_Loading_Windows-t19049.html If I do not patch my PC, it is vulnerable. If I patch my PC, is not usable. What the heck - if it is only websites that can harm my PC, then I will restrict browsing only a few popular ones. But I know the source can not only be websites but other things too. but I dont know what they can be. Can I keep my PC unpatched and remain confident? Thanks.
Some legitimate sites may be compromised if only for a short period of time, set up to start exploiting visitors. However, the likelihood of that is slim. What is more likely is a malformed URL on one of those infamous "typo" sites which rely on typo URL for popular sites (like Amizon.com, etc.) A simply typo could lead you to a malformed page. Interestingly enough, Microsoft is taking actions in the form of a "Honey Monkey" project. They are using unpatched systems to scour the web for sites and reporting them to the proper authorities. See http://research.microsoft.com/HoneyMonkey/ -- Christopher Canova, Student
Current thread:
- RE: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day Aiken, Dan (Aug 12)
- Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day F Lace (Aug 14)
- Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day Christopher Canova (Aug 18)
- Re: [WEB SECURITY] Re: Microsoft's 'Honeymonkey' project finds 0day F Lace (Aug 14)