[9202] in bugtraq
Re: Microsoft Critical Updater Security
daemon@ATHENA.MIT.EDU (Lucky Green)
Mon Jan 25 14:24:51 1999
Date: Sun, 24 Jan 1999 14:15:49 -0800
Reply-To: Lucky Green <shamrock@NETCOM.COM>
From: Lucky Green <shamrock@NETCOM.COM>
X-To: Erik Parker <netmask@303.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.05.9901230517370.3537-100000@pm3-01.s22.v90.denver.303.org>
When I went through the same procedure, Critical Update installed a new
version of the Critical Update control upon accessing the update site.
However, it did ask me if I wanted to install it. Perhaps you once clicked
the "Always trust software from Microsoft Corporation" in the Authenticode
popup? In that case, code signed by Microsoft might auto-install.
--Lucky Green <shamrock@netcom.com>
PGP 5.x encrypted email preferred
> -----Original Message-----
> From: Bugtraq List [mailto:BUGTRAQ@netspace.org]On Behalf Of
> Erik Parker
> Sent: Saturday, January 23, 1999 03:34
> To: BUGTRAQ@netspace.org
> Subject: Microsoft Critical Updater Security
[...]
> Well, The popup says "Hey, critical update available, shall
> we go check
> it out?". Iexplorer opens up (note, you can't use netscape
> for updating).
>
> It took longer to load than usual, because it downloaded and
> installed..
