> This was such a benign implementation of the serious > DCOM security risk, that my conspiracy theory > is ... Microsoft had this worm released on purpose > in an attempt to get everyone to patch their > machines before a really threatening version was > released.
It used dcom.c's bindshell and the transfer method was TFTP. I don't think Microsoft was behind MSBlast, and they were probably afraid when it was released. Worms get more exposure than just security flaws. > Any of these would cause so much harm to Microsoft > from the lawsuits and lost business, that they > couldn't afford to let it remain out there, thus the > conspiracy theory arises. Microsoft just got lucky. The possibility of a harder worm is still out there but it wont effect as many as it would have before MSBlast. This also is a good example how home users(obvious) dont patch windows and how microsoft has yet another vulnerable service, but this time it wasnt IIS. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
