[Wylug-help] MS Worms?

James Holden james at microcosmos.co.uk
Fri Sep 19 17:55:58 BST 2003


Anne Wilson wrote:

>On Friday 19 Sep 2003 3:41 pm, James Holden wrote:
>
>
>>This is ridiclous, there's hundreds of the things. Y'know I'm
>>surprised nobody has sued MS for making such crap, buggy products.
>>The blame for all these email worms lies squarely at their door as
>>far as I'm concerned.
>>
>>That said, this particular one is the one that disguises itself as
>>a security update, tricking the clueless user into running it.
>>AFAIK there isn't a patch for clueless users to date.
>>
>>James
>>
>>
>>
>You and I know that M$ don't send out patches via email, but one of
>the ones that came in here this morning must have looked very
>convincing to someone who does not know.  Looking at the html (I
>haven't of course seen it in all its glory - my filter caught it) it
>is full of links to M$ pages.  The attachment is Upgrade59.exe
>
>Anne
>
>
Some of these people need a good lesson from my 'clue-by-four'.

I think there's a certain responsibility on the part of ISPs to do
proper egress filtering from their users. It's been suggested before,
maybe with an opt-out for us techie types who want to do more advanced
stuff.

In this case it relies on tricking the user rather than exploiting a
software vuln, which is arguably worse. There's not much MS can really
do about this one.

James






More information about the Wylug-help mailing list