Thread: Successful Exploit Renders Microsoft Patch Ineffective

  1. #7
    nihil (Senior Member)
    Yes, this is a little more complicated.

    The problem is they don't close the door in this case.
    In my simple view of things, patches have two main attributes:

    1. You run the program and get a message as to whether it was successful or not.

    2. It plugs the hole, and all you need worry about is what might have invaded your system before the patch was applied.

    The difference here seems to be (to me at least) that it doesn't plug the hole if you have already been compromised? The importance of this being that, even if you cleared out all the malware that might have been installed through exploiting the vulnerability, you are still at risk.

    In that respect it looks more like a possible mitigation than a true "patch".

    That is one of the suggestions I've put forward... However Microsoft doesn't seem to agree.
    I am afraid that I can't understand that. The situation would seem to be similar to uninstalling an application... sometimes you get a message that tells you that uninstallation was completed but some elements could not be removed and you will have to do it manually. At least you are informed.

    Whether or not the issue is widespread is not the case... if you're going to take the time to patch something... patch it properly or don't bother giving out a false sense of security.
    Given that the issue affects servers I would say that it was worth worrying about, even if it isn't widespread (yet). Individually targeted attacks are not unknown are they?

    As for the false sense of security I really couldn't agree more. Many administrators don't have the resources to analyse what a patch actually does (or doesn't), they just take it on trust that it does what it says on the label.

    In my experience, all people do is test that the patch doesn't screw their system, then roll it out.

    As for the disclosure, I believe that Tyler acted in a totally responsible and professional manner. It isn't as if he produced a POC for a zero day exploit... all he did was warn people that a supposed fix wouldn't work in all situations.

    I just can't see that as griping, whining or Microsoft bashing.
    Last edited by nihil; March 13th, 2009 at 11:50 AM.
