Here We Go Again

Archived from groups: microsoft.public.windowsxp.general (More info?)

Time to get your systems updated (again) kids. Your toy operating system is
once more under attack.

http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html

"The director of Microsoft's security response center, Debbie Fry Wilson,
said the computer giant was in an "emergency response" mode. "Right now,
we're mobilizing our two war rooms," she told CNN."


--
Have you been MicroShafted today?
To mess up a Linux box, you need to work *at* it.
To mess up a Windows box, you need to work *on* it.
19 answers Last reply
More about here again
  1. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could
    Allow Remote Code Execution and Elevation of Privilege:
    http://www.microsoft.com/technet/security/advisory/899588.mspx

    <QP>
    ....these worms exploit the
    Windows Plug and Play vulnerability remotely only against Windows
    2000-based systems...

    Other versions of Windows, including Windows XP Service Pack 2 and
    Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
    variations, and similar worms attempting to exploit the Windows Plug and
    Play vulnerability, unless they have already been compromised by other
    malicious software. Customers can protect against attacks attempting to
    utilize this vulnerability by installing the security updates provided
    by the Microsoft Security Bulletin MS05-039 immediately....
    </QP>
    --
    ~Robear Dyer (PA Bear)
    MS MVP-Windows (IE/OE, Shell/User, Security), AH-VSOP

    NoStop wrote:
    > Time to get your systems updated (again) kids. Your toy operating system
    > is once more under attack.
    >
    > http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >
    > "The director of Microsoft's security response center, Debbie Fry Wilson,
    > said the computer giant was in an "emergency response" mode. "Right now,
    > we're mobilizing our two war rooms," she told CNN."
  2. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "NoStop" <nostop@stopspam.com> wrote in message
    news:HABMe.228727$5V4.134158@pd7tw3no...
    > Time to get your systems updated (again) kids. Your toy operating system
    > is
    > once more under attack.
    >
    > http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >
    > "The director of Microsoft's security response center, Debbie Fry Wilson,
    > said the computer giant was in an "emergency response" mode. "Right now,
    > we're mobilizing our two war rooms," she told CNN."
    >
    >
    >
    > --
    > Have you been MicroShafted today?
    > To mess up a Linux box, you need to work *at* it.
    > To mess up a Windows box, you need to work *on* it.

    So, the idiot that refuses to acknowledge or accept the fact that Linux has
    vulnerabilities posts another half-a**ed attempt at knocking Windows.

    You are stupid enough to think that *nix boxes are not vulnerable.

    You quote information out of context.

    You haven't got a clue, and couldn't find your own a** with both hands, a
    flashlight and a map.

    Why don't you simply STFU and disappear from these newsgroups. You have
    never contributed anything of value, and your infantile belief in the
    invulnerability of **nix shows just how stupid you are.

    Did your mother have any children that were not brain-dead at birth?

    Bobby
  3. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Yup, mine downloaded an important security update.
    "PA Bear" <PABearMVP@gmail.com> wrote in message
    news:eX12hLwoFHA.576@TK2MSFTNGP15.phx.gbl...
    > Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could
    > Allow Remote Code Execution and Elevation of Privilege:
    > http://www.microsoft.com/technet/security/advisory/899588.mspx
    >
    > <QP>
    > ...these worms exploit the
    > Windows Plug and Play vulnerability remotely only against Windows
    > 2000-based systems...
    >
    > Other versions of Windows, including Windows XP Service Pack 2 and
    > Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
    > variations, and similar worms attempting to exploit the Windows Plug and
    > Play vulnerability, unless they have already been compromised by other
    > malicious software. Customers can protect against attacks attempting to
    > utilize this vulnerability by installing the security updates provided
    > by the Microsoft Security Bulletin MS05-039 immediately....
    > </QP>
    > --
    > ~Robear Dyer (PA Bear)
    > MS MVP-Windows (IE/OE, Shell/User, Security), AH-VSOP
    >
    > NoStop wrote:
    >> Time to get your systems updated (again) kids. Your toy operating system
    >> is once more under attack.
    >>
    >> http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >>
    >> "The director of Microsoft's security response center, Debbie Fry Wilson,
    >> said the computer giant was in an "emergency response" mode. "Right now,
    >> we're mobilizing our two war rooms," she told CNN."
    >
  4. Archived from groups: microsoft.public.windowsxp.general (More info?)

    You quoted the wrong line in the post.

    Microsoft has a downloadable patch on its security homepage,
    Microsoft.com/security.


    "NoStop" <nostop@stopspam.com> wrote in message
    news:HABMe.228727$5V4.134158@pd7tw3no...
    > Time to get your systems updated (again) kids. Your toy operating system
    > is
    > once more under attack.
    >
    > http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >
    > "The director of Microsoft's security response center, Debbie Fry Wilson,
    > said the computer giant was in an "emergency response" mode. "Right now,
    > we're mobilizing our two war rooms," she told CNN."
    >
    >
    >
    > --
    > Have you been MicroShafted today?
    > To mess up a Linux box, you need to work *at* it.
    > To mess up a Windows box, you need to work *on* it.
  5. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Got the patch last week.

    Alias
    "NoStop" <nostop@stopspam.com> wrote

    > Time to get your systems updated (again) kids. Your toy operating system
    > is
    > once more under attack.
    >
    > http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >
    > "The director of Microsoft's security response center, Debbie Fry Wilson,
    > said the computer giant was in an "emergency response" mode. "Right now,
    > we're mobilizing our two war rooms," she told CNN."
    >
    >
    >
    > --
    > Have you been MicroShafted today?
    > To mess up a Linux box, you need to work *at* it.
    > To mess up a Windows box, you need to work *on* it.
  6. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <HABMe.228727$5V4.134158@pd7tw3no>, nostop@stopspam.com
    says...
    > Time to get your systems updated (again) kids. Your toy operating system is
    > once more under attack.
    >
    > http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >
    > "The director of Microsoft's security response center, Debbie Fry Wilson,
    > said the computer giant was in an "emergency response" mode. "Right now,
    > we're mobilizing our two war rooms," she told CNN."

    Funny, it seems to have only impacted networks that were not secured
    properly in the first place.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  7. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <HABMe.228727$5V4.134158@pd7tw3no>, nostop@stopspam.com
    says...
    > Time to get your systems updated (again) kids. Your toy operating system is
    > once more under attack.

    I guess you didn't see all of the Unix service patches to fix exploits
    that came out over the last two weeks?

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  8. Archived from groups: microsoft.public.windowsxp.general (More info?)

    What's funny is CNN's coverage. It basically showed the world
    their ineptitude with maintaining a secure network. Exploit known,
    patch available - nothing done. How about changing the name to
    the "Dilbert News Network".

    Who wants to bet that CNN's IT operations are outsourced.
    The security alert is probably still on some manager's desk at IBM
    Global Services waiting for sign-off/approval, to be rolled out to
    customers around Labor Day.

    "Leythos" <void@nowhere.lan> wrote in message
    news:MPG.1d6ce9aed0e27ace989c19@news-server.columbus.rr.com...
    > In article <HABMe.228727$5V4.134158@pd7tw3no>, nostop@stopspam.com
    > says...
    >> Time to get your systems updated (again) kids. Your toy operating system
    >> is
    >> once more under attack.
    >
    > I guess you didn't see all of the Unix service patches to fix exploits
    > that came out over the last two weeks?
    >
    > --
    >
    > spam999free@rrohio.com
    > remove 999 in order to email me
  9. Archived from groups: microsoft.public.windowsxp.general (More info?)

    That must really go down well with Big Lou.. he hates outsourcing, Mexicans,
    Canadians, his own mother most likely.. :-)


    --
    Mike Hall
    MVP - Windows Shell/User


    "R. McCarty" <PcEngWork-NoSpam_@mindspring.com> wrote in message
    news:u2sLhCyoFHA.2472@tk2msftngp13.phx.gbl...
    > What's funny is CNN's coverage. It basically showed the world
    > their ineptitude with maintaining a secure network. Exploit known,
    > patch available - nothing done. How about changing the name to
    > the "Dilbert News Network".
    >
    > Who wants to bet that CNN's IT operations are outsourced.
    > The security alert is probably still on some manager's desk at IBM
    > Global Services waiting for sign-off/approval, to be rolled out to
    > customers around Labor Day.
    >
  10. Archived from groups: microsoft.public.windowsxp.general (More info?)

    What I get from this is another of these operations that don't migrate
    to the latest OS. I mean most media outlets buy the latest technology.
    You would think that maybe XP might offer some beneficial security
    and multi-media features they could benefit from.

    Maybe Ted Turner gave the IT budget to the United Nations.

    "Mike Hall (MS-MVP)" <mike.hall.mail@sympatico.ca> wrote in message
    news:e8PT$ryoFHA.576@TK2MSFTNGP15.phx.gbl...
    > That must really go down well with Big Lou.. he hates outsourcing,
    > Mexicans, Canadians, his own mother most likely.. :-)
    >
    >
    > --
    > Mike Hall
    > MVP - Windows Shell/User
    >
    >
    > "R. McCarty" <PcEngWork-NoSpam_@mindspring.com> wrote in message
    > news:u2sLhCyoFHA.2472@tk2msftngp13.phx.gbl...
    >> What's funny is CNN's coverage. It basically showed the world
    >> their ineptitude with maintaining a secure network. Exploit known,
    >> patch available - nothing done. How about changing the name to
    >> the "Dilbert News Network".
    >>
    >> Who wants to bet that CNN's IT operations are outsourced.
    >> The security alert is probably still on some manager's desk at IBM
    >> Global Services waiting for sign-off/approval, to be rolled out to
    >> customers around Labor Day.
    >>
    >
    >
  11. Archived from groups: microsoft.public.windowsxp.general (More info?)

    On Wed, 17 Aug 2005 04:08:42 -0400, "PA Bear" <PABearMVP@gmail.com>
    wrote:

    >Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could
    >Allow Remote Code Execution and Elevation of Privilege:
    >http://www.microsoft.com/technet/security/advisory/899588.mspx
    >
    ><QP>
    >...these worms exploit the
    >Windows Plug and Play vulnerability remotely only against Windows
    >2000-based systems...
    >
    >Other versions of Windows, including Windows XP Service Pack 2 and
    >Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
    >variations, and similar worms attempting to exploit the Windows Plug and
    >Play vulnerability, unless they have already been compromised by other
    >malicious software. Customers can protect against attacks attempting to
    >utilize this vulnerability by installing the security updates provided
    >by the Microsoft Security Bulletin MS05-039 immediately....
    ></QP>

    I guess grc.com knew about this vulnerability a long time ago.
    They are just know fixing it? They have a program called unpnp.exe
    that will disable it.

    See
    http://www.grc.com/unpnp/unpnp.htm

    Greg Ro
  12. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <u2sLhCyoFHA.2472@tk2msftngp13.phx.gbl>, PcEngWork-
    NoSpam_@mindspring.com says...
    > What's funny is CNN's coverage. It basically showed the world
    > their ineptitude with maintaining a secure network. Exploit known,
    > patch available - nothing done. How about changing the name to
    > the "Dilbert News Network".

    You know, I thought the exact same thing - that any one willing to
    expressly go on TV and let the worm/virus writers know they were greatly
    impacted must be a moron. Not to mention that it now shows the complete
    lack of security they must have!

    > Who wants to bet that CNN's IT operations are outsourced.
    > The security alert is probably still on some manager's desk at IBM
    > Global Services waiting for sign-off/approval, to be rolled out to
    > customers around Labor Day.

    Don't knock outsourced IT, it's off-shore that is the problem. We do
    more than 1000 seats remotely across the US and none of our customers
    were compromised by the virus/worm.


    --

    spam999free@rrohio.com
    remove 999 in order to email me
  13. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Thanks for the correction, I'll concede that it's offshore that is
    the biggest laggard. But I beat up on IBM Global Services due
    to 1st-hand experience. I have the greatest respect for the
    small, hands-on operations that take their responsibility seriously.
    Next time,I'll rephrase the derogatory comments to the real
    source of the problems, Off-shored and the "Large/Corporate
    IT outfits" that have more bureaucracy than the US Government.

    So pardon me for making a Global statement that denigrates all
    Outsourcing.

    "Leythos" <void@nowhere.lan> wrote in message
    news:MPG.1d6cf06b685edca1989c1f@news-server.columbus.rr.com...
    > In article <u2sLhCyoFHA.2472@tk2msftngp13.phx.gbl>, PcEngWork-
    > NoSpam_@mindspring.com says...
    >> What's funny is CNN's coverage. It basically showed the world
    >> their ineptitude with maintaining a secure network. Exploit known,
    >> patch available - nothing done. How about changing the name to
    >> the "Dilbert News Network".
    >
    > You know, I thought the exact same thing - that any one willing to
    > expressly go on TV and let the worm/virus writers know they were greatly
    > impacted must be a moron. Not to mention that it now shows the complete
    > lack of security they must have!
    >
    >> Who wants to bet that CNN's IT operations are outsourced.
    >> The security alert is probably still on some manager's desk at IBM
    >> Global Services waiting for sign-off/approval, to be rolled out to
    >> customers around Labor Day.
    >
    > Don't knock outsourced IT, it's off-shore that is the problem. We do
    > more than 1000 seats remotely across the US and none of our customers
    > were compromised by the virus/worm.
    >
    >
    > --
    >
    > spam999free@rrohio.com
    > remove 999 in order to email me
  14. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <u6hiCSyoFHA.3256@TK2MSFTNGP12.phx.gbl>, PcEngWork-
    NoSpam_@mindspring.com says...
    > Thanks for the correction, I'll concede that it's offshore that is
    > the biggest laggard. But I beat up on IBM Global Services due
    > to 1st-hand experience. I have the greatest respect for the
    > small, hands-on operations that take their responsibility seriously.
    > Next time,I'll rephrase the derogatory comments to the real
    > source of the problems, Off-shored and the "Large/Corporate
    > IT outfits" that have more bureaucracy than the US Government.
    >
    > So pardon me for making a Global statement that denigrates all
    > Outsourcing.

    We're fine in that. I figured what you meant and see the same issues
    myself - large outsourced companies providing reactionary support or
    off-shore companies reading from scripts.


    --

    spam999free@rrohio.com
    remove 999 in order to email me
  15. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Different exploit - Plug-&-Play is different from uPNP or
    Universal Plug-&-Play.

    "Greg Ro" <webworm11@yes.lycos.com> wrote in message
    news:%23VI3Xw0oFHA.2472@TK2MSFTNGP15.phx.gbl...
    > On Wed, 17 Aug 2005 04:08:42 -0400, "PA Bear" <PABearMVP@gmail.com>
    > wrote:
    >
    >>Microsoft Security Advisory (899588): Vulnerability in Plug and Play Could
    >>Allow Remote Code Execution and Elevation of Privilege:
    >>http://www.microsoft.com/technet/security/advisory/899588.mspx
    >>
    >><QP>
    >>...these worms exploit the
    >>Windows Plug and Play vulnerability remotely only against Windows
    >>2000-based systems...
    >>
    >>Other versions of Windows, including Windows XP Service Pack 2 and
    >>Windows Server 2003 are not impacted by Worm:Win32/Zotob.A, its
    >>variations, and similar worms attempting to exploit the Windows Plug and
    >>Play vulnerability, unless they have already been compromised by other
    >>malicious software. Customers can protect against attacks attempting to
    >>utilize this vulnerability by installing the security updates provided
    >>by the Microsoft Security Bulletin MS05-039 immediately....
    >></QP>
    >
    > I guess grc.com knew about this vulnerability a long time ago.
    > They are just know fixing it? They have a program called unpnp.exe
    > that will disable it.
    >
    > See
    > http://www.grc.com/unpnp/unpnp.htm
    >
    > Greg Ro
  16. Archived from groups: microsoft.public.windowsxp.general (More info?)

    On Wednesday 17 August 2005 04:28 am, Leythos had this to say in
    microsoft.public.windowsxp.general:

    > In article <HABMe.228727$5V4.134158@pd7tw3no>, nostop@stopspam.com
    > says...
    >> Time to get your systems updated (again) kids. Your toy operating system
    >> is once more under attack.
    >>
    >> http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >>
    >> "The director of Microsoft's security response center, Debbie Fry Wilson,
    >> said the computer giant was in an "emergency response" mode. "Right now,
    >> we're mobilizing our two war rooms," she told CNN."
    >
    > Funny, it seems to have only impacted networks that were not secured
    > properly in the first place.
    >

    Nothing funny about it. MickeyMouse only issued the security update on
    August 8th. Do you honestly expect millions of computers (half of which in
    the corporate world are still running W2K) to be totally secured with
    patches on a daily basis? That's one of the major problems Windoze users
    face. They need to be babysitting their 'puters daily just to keep them
    running. When disaster strikes, in this Wintard crowd, the victims are
    blamed because they just didn't babysit their systems enough and the
    messenger is attacked because their toy operating system is once again put
    into disrepute.

    Obviously MickeyMouse finds it enough of a problem to setup "two war rooms",
    while Lythos here, just things its "funny".


    --
    Have you been MicroShafted today?
    To mess up a Linux box, you need to work *at* it.
    To mess up a Windows box, you need to work *on* it.
  17. Archived from groups: microsoft.public.windowsxp.general (More info?)

    yawn

    --
    Regards
    Mark Dormer
    How to ask a newsgroup question:
    http://support.microsoft.com/kb/555375


    "NoStop" <nostop@stopspam.com> wrote in message
    news:HABMe.228727$5V4.134158@pd7tw3no...
    > Time to get your systems updated (again) kids. Your toy operating system
    > is
    > once more under attack.
    >
    > http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    >
    > "The director of Microsoft's security response center, Debbie Fry Wilson,
    > said the computer giant was in an "emergency response" mode. "Right now,
    > we're mobilizing our two war rooms," she told CNN."
    >
    >
    >
    > --
    > Have you been MicroShafted today?
    > To mess up a Linux box, you need to work *at* it.
    > To mess up a Windows box, you need to work *on* it.
  18. Archived from groups: microsoft.public.windowsxp.general (More info?)

    In article <eBIMe.232203$s54.92238@pd7tw2no>, nostop@stopspam.com
    says...
    > On Wednesday 17 August 2005 04:28 am, Leythos had this to say in
    > microsoft.public.windowsxp.general:
    >
    > > In article <HABMe.228727$5V4.134158@pd7tw3no>, nostop@stopspam.com
    > > says...
    > >> Time to get your systems updated (again) kids. Your toy operating system
    > >> is once more under attack.
    > >>
    > >> http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
    > >>
    > >> "The director of Microsoft's security response center, Debbie Fry Wilson,
    > >> said the computer giant was in an "emergency response" mode. "Right now,
    > >> we're mobilizing our two war rooms," she told CNN."
    > >
    > > Funny, it seems to have only impacted networks that were not secured
    > > properly in the first place.
    > >
    >
    > Nothing funny about it. MickeyMouse only issued the security update on
    > August 8th. Do you honestly expect millions of computers (half of which in
    > the corporate world are still running W2K) to be totally secured with
    > patches on a daily basis? That's one of the major problems Windoze users
    > face. They need to be babysitting their 'puters daily just to keep them
    > running. When disaster strikes, in this Wintard crowd, the victims are
    > blamed because they just didn't babysit their systems enough and the
    > messenger is attacked because their toy operating system is once again put
    > into disrepute.
    >
    > Obviously MickeyMouse finds it enough of a problem to setup "two war rooms",
    > while Lythos here, just things its "funny".

    Patched or not, they should not have had exposure to the virus, which
    means that their networks would have been properly secured, which means
    they would not have been infected.

    We have more than 1000 nodes between the east and west coast and not one
    compromise.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  19. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Zotob: An Avoidable Worm And The Negligence Factor
    http://www.securitypipeline.com/169400254?_loopback=1

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
Ask a new question

Read More

Microsoft Systems Windows XP