Any large website that logs User-Agent strings should be able to figure out how many systems were affected by this. The systems were disabled for essentially the entire day. By looking at the dip in "Windows NT 5.1" systems compared to other systems, a large website should be able to track how many systems were disabled.
http://erratasec.blogspot.com/2010/04/some-large-website-please-do-this-study.html ----- Original Message ---- From: The Security Community <[email protected]> To: funsec <[email protected]> Sent: Wed, April 21, 2010 12:32:05 PM Subject: [funsec] Apparently McAfee stepped on their genitals today... http://isc.sans.org/ We have received several reports indicating some issues with McAfee DAT 5958 causing Windows XP SP3 clients to be locked out. It is affecting svchost.exe. Here is an example of the message: The file C:WINDOWSsystem32svchost.exe contains the W32/Wecorl.a Virus. Undetermined clean error, OAS denied access and continued. Detected using Scan engine version 5400.1158 DAT version 5958.0000. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
