http://lists.immunitysec.com/pipermail/dailydave/2003-September/000033.html
On Mon, 2003-09-15 at 15:17, Exibar wrote: > Does anyone have this paper that the quoted Microsoft PSS advisory mentions > or a link to it? I'd love to give it a read... > > thanks all! > Exibar > The PSS Security team is issuing this alert to advise customers that on > Saturday 9/13/03 a research company called Immunity published a paper > providing guidance on how to exploit the vulnerabilities patched by > Microsoft Security Bulletin MS03-039. To date we've had no reports of actual > exploit code being publicly available or being used actively in a worm or > virus. > > Customers that have applied the patch as advised in Microsoft Security > Bulletin MS03-039 are protected from exploit code developed using the > guidance provided in this paper. Customers who have not deployed the patch > or taken additional mitigating actions to protect their environment should > be aware that the existence of sample code does make it easier for an active > exploit to be developed. We are therefore strongly urging customers to > immediately deploy the patch in their environments and take additional > mitigation steps, as described in the bulletin, to protect themselves. > > Information on Microsoft Security Bulletin MS03-039 and its associated > patch, mitigating factors and workarounds can be found here: > > http://www.microsoft.com/technet/security/bulletin/ms03-039.asp > > PSS Security Team > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
