TELECOM Digest OnLine - Sorted: Re: Corrupted PC's Find New Home in the Dumpster


Re: Corrupted PC's Find New Home in the Dumpster


jmeissen@aracnet.com
24 Jul 2005 23:32:05 GMT

In article <telecom24.337.5@telecom-digest.org>, DevilsPGD
<spamsucks@crazyhat.net> wrote:

> While true, the vast majority of malware released post-XPSP2 requires
> explicit user intervention to install it.

Maybe. It's also true that a lot of pre-XPSP2 malware is still
circulating. Do you have any idea how long it takes to download and
install something like SP2 when all you have is a 33Kbaud dial-up
connection? And that's assuming the systems are set to automatically
download and install updates.

I support many people on dialup. In spite of what the government wants
you to believe about broadband coverage, there are a LOT of people who
can't get it, and the phone companies have no incentive to invest in
the infrastructure to provide it. None of the ones I visit ever have
SP2 installed, or even most of the earlier updates. I always take a CD
full of updates along with me to do it for them.

And a dial-up connection has no firewall, and typically has all of the
default services still enabled.

Even unpatched new systems (with SP2) are at risk. A number of the
exploits take advantage of IE holes that don't require any more user
involvement than retrieving content from a malicious web site or
accessing malicious email (sometimes just the preview pane is enough,
sometimes not even that is needed) thanks to Outlook/OE integration
with IE.

John Meissen jmeissen@aracnet.com

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Joseph: "Re: TV Telephone History"
Go to Previous message: Steve Sobol: "Re: Corrupted PC's Find New Home in the Dumpster"
May be in reply to: Monty Solomon: "Corrupted PC's Find New Home in the Dumpster"
Next in thread: DevilsPGD: "Re: Corrupted PC's Find New Home in the Dumpster"
TELECOM Digest: Home Page