Hello Alexander, On or about Tuesday, August 12, 2003 at 19:23:08GMT +0200 (which was 12:23 PM in the tropics where I live) Alexander posted:
A> Sorry for continuing this OT thread, but I find it highly A> important. A> Spike, what you write is just plain wrong. Blaster is not dependant A> on email *at all*. Please, don't spread half-knowledge and confuse A> people with it. I'm just going by my EXPERIENCE here _in the Cayman Islands_. The common denominator is UNPATCHED Windows installations AND access to webmail by people violating company protocols. There are many who are uninfected, despite being on the same network and node of an infected system, but have not accessed webmail. ALL my clients run the built- in WIN-XP firewall, which may account for this. > *Anyone* with WinNT4, 2000 or XP is advised to do so immediately, > read MS03-26. A thorough search of the Microshaft site for this 'MS03-26' returned _NO ON-TOPIC_ hits! I ran into this before when someone sent me this last week. The MS site is very poorly indexed, if you ask me! However this came up in a search for KB823980: Download details: Windows Server 2003 64-Bit Edition Security Patch: Buffer Overrun In RPC Interface Could Allow Code Execution http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=2b566973-c3f0-4ec1-995f-017e35692bc7 Download details: Windows 2000 Security Patch: Buffer Overrun In RPC Interface Could Allow Code Execution http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=c8b8a846-f541-4c15-8c9f-220354449117 Download details: Windows XP Security Patch: Buffer Overrun In RPC Interface Could Allow Code Execution http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=2354406c-c5b6-44ac-9532-3de40f69c074 823980 - MS03-026: Buffer Overrun in RPC Interface May Allow Code Execution http://support.microsoft.com/default.aspx?scid=kb;en-us;823980 Microsoft Security Bulletin MS03-026 http://www.microsoft.com/technet/security/bulletin/ms03-026.asp Thanks for the information. The 'market' here is very isolated, and my remarks were based upon real-life experience in this market. I have an unpatched WIN2K system on an open ADSL connection with NO FIREWALL (a test system) that is unaffected at this time, and by all expectations SHOULD be by now. I use this system exclusively to record local radio talk shows with a program called 'Total Recorder.' Only in the last few months has XP become commonplace here, and over 50% of corporate clients here still run WIN98 or NT-4 on their average desktop. The most common server here is still NT-4. Any 'misleading' information was unintended. I'll say no more on this topic, if only because it is trout bait. -- Warmest tropical wishes, Spike Quote for the nanosecond: "Heaven can wait, Hell is often a bit more aggressive." /"\ ASCII Ribbon Campaign - Against HTML Mail \ / If it aint a webpage it shouldn't be HTML. X Say NO! to bloatmail - ban HTML mail! / \ Ask Spikey, he hates everything (HTML). -------------------------------------------------- Using TheBat! v1.62r hamstrung by Windows XP 5.1 Build 2600 Service Pack 1' -------------------------------------------------- ________________________________________________ Current version is 1.62r | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html
