[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Potential Microsoft PCT worm (MS04-011)

To: "Full-Disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)
From: "Alerta Redsegura" <alerta@xxxxxxxxxxxxx>
Date: Fri, 23 Apr 2004 18:21:39 -0500

# start snip

- Microsoft ( ... ) continues to urge all customers to immediately install
the MS4-011 update ( ...)

- Customers who are still evaluating and testing MS04-011 should immediately
implement the workaround steps detailed for the PCT/SSL vulnerability
detailed in the MS04-011.  In addition, Microsoft has published a knowledge
base article KB187498 at
http://support.microsoft.com/default.aspx?scid=kb;en-us;187498 which
provides additional details on SSL and how to disable PCT without applying
MS04-011.

# end snip

"Evaluating and testing" ?

Is it so difficult for Microsoft to acknowledge that MS04-11 does cause some
Windows 2003 and Win2K servers to become unstable, to the point that
reinstalling Windows is sometimes necessary?

Is there going to be an update to the patch?




Iñigo Koch
Red Segura



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)
  - From: insecure

Prev by Date: RE: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)
Next by Date: RE: [Full-Disclosure] Wireless legal to eavesdrop
Previous by thread: RE: [inbox] Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)
Next by thread: Re: [Full-Disclosure] Potential Microsoft PCT worm (MS04-011)
Index(es):
- Date
- Thread