This was such a benign implementation of the serious DCOM security risk, that my conspiracy theory is ... Microsoft had this worm released on purpose in an attempt to get everyone to patch their machines before a really threatening version was released.
Imagine, what if ... ... this vulnerability was used to remove all the .doc, .xls, .ppt, etc. files off the drives, including network attached drives? (you know how everyone keeps backups of all their files :) ... this vulnerability intentionally stole everybody's address books and transferred them to some anonymous ftp server for later pickup (a spammer's dream)? ... this vulnerability stole financial and personal data in the same manner as above, and gets bank account numbers, credit card numbers, passwords, etc., from Quicken, Microsoft Money and other files (of course, everybody password protects these files)? ... (insert your own extremely disastrous scenario here) Any of these would cause so much harm to Microsoft from the lawsuits and lost business, that they couldn't afford to let it remain out there, thus the conspiracy theory arises. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
