IIRC, MS05-039 didn't hit XP SP2 users as hard as those of earlier versions for the same reasons MS08-067 doesn't. Back then XPSP2 was relatively new, about a year old and met with a lot of resistance, so the world was full of vulnerable systems. How many pre-XP SP2 systems are out there in the wild now? (And not already massively infected with something?)
Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -----Original Message----- From: Paul Ferguson [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 7:51 PM To: Larry Seltzer Cc: Juha-Matti Laurio; [email protected] Subject: Re: [funsec] Microsoft to rush out emergency Windows patch today -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Oct 23, 2008 at 4:03 PM, Larry Seltzer <[EMAIL PROTECTED]> wrote: >>>-Block TCP ports 139 and 445 at the firewall > So it's serious, about as serious a bug as we've seen from Microsoft in > at least 2 or 3 years, but it's no Blaster. People are largely better > protected now in spite of themselves. > MS05-039. Yes, that serious. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFJAQ3Lq1pz9mNUZTMRArz6AKCWFc6x67QiR3rAg689SsQjDthNWwCfZqgf fHL6YoTclMei4r+qS2uywoo= =OnGD -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
