[36764] in bugtraq
RE: Microsoft's GDI Detetection Tool faults
daemon@ATHENA.MIT.EDU (mgotts@2roads.com)
Wed Sep 29 23:35:13 2004
In-Reply-To: <B7C2C6BA798F3C4DBDD78BEDC1F8AD5705D7D30D@nycmb01.law.sullcrom.com>
To: "Dowling, Gabrielle" <dowlingg@sullcrom.com>
Cc: albatross@tim.it, bugtraq@securityfocus.com
MIME-Version: 1.0
Message-ID: <OF43DEC97F.8F81BB43-ON88256F1D.00692B02-88256F1D.0069B11D@2roads.com>
From: mgotts@2roads.com
Date: Tue, 28 Sep 2004 12:14:25 -0700
Content-Type: text/plain; charset="US-ASCII"
> I tested the SANS tool against a properly patched XP system on Friday
> and found it to false positive on many of the locations it said it
> wouldn't test on.
What the FAQ says is that you should ignore the results for certain
directories, not that it won't test them.
"FAQ
Ignore files in directories like Windows\$NtUniinstallKBxxxxx\ and
Windows\WinSxS. These are old versions left behind for uninstal purposes."
