[9809] in cryptography@c2.net mail archive
Re: Thai Pirates Crack Microsoft's New Windows System
daemon@ATHENA.MIT.EDU (dmolnar)
Tue Nov 13 18:55:30 2001
Date: Tue, 13 Nov 2001 17:30:13 -0500 (EST)
From: dmolnar <dmolnar@hcs.harvard.edu>
To: <ji@research.att.com>
Cc: <cryptography@wasabisystems.com>
In-Reply-To: <200111132007.PAA16484@bual.research.att.com>
Message-ID: <Pine.OSF.4.33.0111131721550.7614-100000@hcs.harvard.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Tue, 13 Nov 2001 ji@research.att.com wrote:
> Has anyone actually analyzed the WU scripts to see what exactly they
> are sending, and whether they have any covert channels to send information
> back?
>
On a separate note, what does WU do to prevent replays of bad bugfixes?
This article
http://news.zdnet.co.uk/story/0,,t274-s2098939,00.html
mentions a patch which closed down Win2K Terminal Services. What prevents
someone from causing WU to accept this patch (perhaps in conjunction
with a compromise of DNS) in order to mount a denial of service attack?
I poked around the Microsoft site a bit, but did not find many details;
then again I haven't looked particularly hard yet.
While we're at it, does anyone know whether a good treatment of "issues in
secure upgrades" exists?
-David
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
