And written by a Microsoft employee, to boot. On Wed, 19 May 2004 10:26 pm, Troels Bay wrote: > Wow, that's pretty amazing. > > Now one can't trust somewhat 50% of all Microsoft Computers. > > That's rather fun, wouldn't you say? > > On May 19, 2004, at 14:11, A.H. wrote: > > By Jesper M. Johansson, Ph.D., CISSP, MCSE, MCP+I > > Security Program Manager > > > > Microsoft Corporation: > >> You can’t clean a compromised system by using some “vulnerability > >> remover.” Let’s say you had a system hit by Blaster. A number of > >> vendors (including Microsoft) published vulnerability removers for > >> Blaster. Can you trust a system that had Blaster after the tool is > >> run? I wouldn’t. If the system was vulnerable to Blaster, it was also > >> vulnerable to a number of other attacks. Can you guarantee that none > >> of those have been run against it? I didn’t think so. > >> > >> You can’t trust any data copied from a compromised system. Once an > >> attacker gets into a system, all the data on it may be modified. In > >> the best-case scenario, copying data off a compromised system and > >> putting it on a clean system will give you potentially untrustworthy > >> data. In the worst-case scenario, you may actually have copied a back > >> door hidden in the data. > > > > http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx > > http://www.vsantivirus.com/derribar-reconstruir.htm > > > > > > > > > > > > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
