(c/o SV)
By Online Staff
January 19, 2005
http://www.theage.com.au/articles/2005/01/19/1106074829004.html?oneclick=tru
e#
Symantec's security website SecurityFocus, which runs the well-known Bugtraq
vulnerability mailing list, has been forced to retract one of its columns in
which it claimed that only people who validated their copies of Windows
online could download Microsoft's spyware beta.
The column, by Mark D. Rasch, J.D., who is a former head of the Justice
Department's computer crime unit, and now serves as Senior Vice President
and Chief Security Counsel at Solutionary Inc., was posted on January 18.
In the article, Rasch wrote: Early last month Microsoft announced that it
would permit downloads of a beta version of its anti-spyware software from
its website. However, users attempting to download the software are informed
that "[t]his download is available to customers running genuine Microsoft
Windows. Please click Continue to begin Windows validation." The website
then uploads an executable file called "GenuineCheck.exe" to the users
computer.
AdvertisementAdvertisement
However, in reality, users can click on the Continue button and proceed to a
page where they have the choice of downloading the spyware beta after
validating their copy of Windows or without going through the validation
process.
Today, an editor's note was seen on the article: "This column is in error.
The download site for Microsoft's anti-virus software strongly encourages
users to run the company's validation software, but does not require it.
SecurityFocus apologizes (sic) for the mistake."
SecurityFocus is owned by Symantec which, in 2002, purchased what was until
then one of the most comprehensive databases of vulnerabilities available,
for $US75 million.
You are a subscribed member of the infowarrior list. Visit
www.infowarrior.org for list information or to unsubscribe. This message
may be redistributed freely in its entirety. Any and all copyrights
appearing in list messages are maintained by their respective owners.
