[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] The MSBlast Conspiracy Theory

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] The MSBlast Conspiracy Theory
From: Joey <joey2cool@yahoo.com>
Date: Fri, 15 Aug 2003 00:52:57 -0700 (PDT)

> This was such a benign implementation of the serious
> DCOM security risk, that my conspiracy theory
> is ... Microsoft had this worm released on purpose
> in an attempt to get everyone to patch their
> machines before a really threatening version was
> released.

It used dcom.c's bindshell and the transfer method was
TFTP. I don't think Microsoft was behind MSBlast, and
they were probably afraid when it was released. Worms
get more exposure than just security flaws.

> Any of these would cause so much harm to Microsoft
> from the lawsuits and lost business, that they
> couldn't afford to let it remain out there, thus the
> conspiracy theory arises.

Microsoft just got lucky. The possibility of a harder
worm is still out there but it wont effect as many as
it would have before MSBlast. This also is a good
example how home users(obvious) dont patch windows and
how microsoft has yet another vulnerable service, but
this time it wasnt IIS.

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] The MSBlast Conspiracy Theory
  - From: Weezer Hutchins <weezspam@yahoo.com>

Prev by Date: Re: [Full-Disclosure] curious email
Next by Date: RE: [Full-Disclosure] "MS Blast" Win2000 Patch Download
Prev by thread: [Full-Disclosure] The MSBlast Conspiracy Theory
Next by thread: Re: [Full-Disclosure] The MSBlast Conspiracy Theory
Index(es):
- Date
- Thread