Microsoftheaded, hugely stupid

ken at flyingtoasters.net ken at flyingtoasters.net
Thu Sep 18 16:25:08 EDT 2003 

Jon: I (along with the rest of the list?) got the same thing.  It's a
virus.  Well, I can't state that with 100% certitude, but certainly with
99.9%, as
a) MS -- even in all their stupidity -- NEVER sends out patches.  Period.
b) The "From:" address is forged.

Bottom line: DON'T INSTALL IT!

$.02,

-Ken

> So, I am not really a "security minded person".  Those people I usually
> simply bow to and hope that the patches come out fast enough that I can
> apply them and protect my system.  But I do expect a certain amount of
> decorum in getting those patches.  Usually it means going to some
> protected site and doing something reasonable.
>
> A few minutes ago I get two email messages in rapid succession.
>
> One has the subject line "Current Update", the other has a subject line
> "Current Microsoft Critical Upgrade".  Both propose to fix "all known
> security vulnerabilities affecting MS Internet Explorer, MS Outlook and
> MS Outlook Express as well as three newly discovered vulnerabilities."
>
> Both letters delivered the patches directly, via email.  Neither letter
> described a way that I could tell if the patch had been tampered with,
> or even if the patch had actually come from Microsoft.
>
> Each letter had a different file attached, with a different name.  If
> they both fix "all known problems", why do I have two with different
> names, different lengths, etc.
>
> Now, I have no real problem in believing that these patches really did
> come from Microsoft, which actually makes the problem worse instead of
> better.
>
> Why would a major software company really believe that anyone who could
> say the word "secure" would apply this patch that came through the email
> this way?  And if they believe that no real security person would, then
> why bother sending it?  If they get Mom&Pop installing patches this way,
> what happens when the very first "spoofer" hits Mom&Pop with what looks
> like a patch from Microsoft?
>
> It just makes Microsoft look even more clueless.
>
> The really great part is that I don't have any Microsoft products
> anymore. I just stay on their mailing lists to see what other incredible
> things they do.
>
> md
> --
> Jon "maddog" Hall
> Executive Director           Linux(R) International
> email: maddog at li.org         80 Amherst St.
> Voice: +1.603.672.4557       Amherst, N.H. 03031-3032 U.S.A.
> WWW: http://www.li.org
>
> Board Member: Uniforum Association, USENIX Association
>
> (R)Linux is a registered trademark of Linus Torvalds in several
> countries. UNIX is a registered trademark of The Open Group in the US
> and other countries.
>
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

More information about the gnhlug-discuss mailing list