On Thu, 19 Jul 2001 16:44:08 -0700, Laurence Hand wrote:
>Did anyone else see that one of Microsoft's windowsupdate.microsoft.com
>servers got bit by this worm? It went away when we refreshed the screen
>and presumably rolled over to another server, but it is definitely on at
>least one of their servers.
Confirmed. Here's a "souvenir"
http://www.datarescue.com/fprot/virinfo/hackedbychinese.gif
This DOES raise some pretty fundamental questions about the security of
all the infrastructure, because, in theory the compromised servers
_could_ have been exploited more extensively and _could_ be delivering
nastily compromised stuff around. I have no reason to believe it has
happened, but still...
---
Pierre Vandevenne - DataRescue : home of the IDA Pro Disassembler
Advanced tools for the IT Security Industry. www.datarescue.com/idabase/
SM CF and MS Picture Recovery Software www.datarescue.com/photorescue/
