[16071] in bugtraq
Re: Windows 9x? (Re: Microsoft Security Bulletin (MS00-047))
daemon@ATHENA.MIT.EDU (David LeBlanc)
Thu Aug 3 14:39:07 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <3.0.5.32.20000802231208.03449200@pop.mindspring.com>
Date: Wed, 2 Aug 2000 23:12:08 -0700
Reply-To: David LeBlanc <dleblanc@MINDSPRING.COM>
From: David LeBlanc <dleblanc@MINDSPRING.COM>
X-To: Ryan Fox <rfox@NOGUSKA.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <006101bffca0$2ccd9260$32611cd8@noguska.com>

At 12:39 PM 8/2/00 -0400, Ryan Fox wrote:

>2. The vendor's patch, by their own admission in the last e-mail, breaks
>some "normal, by-design management functions" in the NetBIOS protocol. They
>also called the patch unsuitable for rollout over the entire network.
>Nowhere in the initial disclosure was any mention of this.

If you read the FAQ, you will find that it says:

"As discussed above, the vulnerability results from the misuse of normal,
by-design management functions provided in NetBIOS. The patch removes some
of these functions. It's not appropriate to apply the patch globally -"

>I, for one,
>would feel much more comfortable applying a patch if I knew exactly what it
>did.

If you read the FAQ, you'll have a better understanding. Reading the
related RFCs can also be helpful.

The bulletins always have a link to the FAQ, and it typically provides
helpful details. If it isn't clear enough, write secure@microsoft.com and
ask - they do their best to state things clearly, but no one is perfect.
Some of these issues can be tough to explain.

Hope this helps.

David LeBlanc
dleblanc@mindspring.com