Microsoftheaded, hugely stupid

bscott at ntisys.com
Fri Sep 19 01:13:38 EDT 2003


On Thu, 18 Sep 2003, at 4:10pm, maddog at li.org wrote:
> One has the subject line "Current Update", the other has a subject line
> "Current Microsoft Critical Upgrade".

  As others have pointed out, Microsoft **NEVER** distributes patches via
email.

  http://www.microsoft.com/technet/security/news/patch_hoax.asp

  Most likely, you have received a message sent by one of the many
self-propagating worms out there.  By making the payload appear to be a
"security fix", naive users are more likely to run it, especially with all
the press worms and viruses are getting today.  Classic Trojan-horse gambit.

  It could also be a non-worm Trojan-horse, but I doubt it.

  I like the joke that a worm could distribute itself as
"NEVER_FUCKING_OPEN_THIS.EXE" and people would still open it up and run it,
compromising their systems and spreading the worm.  Ha ha.  Only serious.

  It is worth pointing out that Linux and Unix are just as vulnerable to
this as MS-Windows.  There is absolutely zero reason someone couldn't write
a "fix-linux.sh" worm that mailed itself to people, telling them to run the
important security update.  Indeed, I'm rather surprised we haven't seen
anything like this yet.  But I'm sure it is only a matter of time until we
do.

  Once enough naive users are running Linux, we will have most of the same
security problems Microsoft does.

-- 
Ben Scott <bscott at ntisys.com>
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.              |




More information about the gnhlug-discuss mailing list