* Posts by Gordon Slater

5 publicly visible posts • joined 23 Oct 2008

Solar plasma aurora storm ongoing debate

Gordon Slater
Alien

My Domestic Boffins say..."only ironising radiation is dangerous..

..mainly because it's concentrated in the infra-red bands (and the nearby waist-bands)"

We can protect ourselves from it quite easily using various "Oxy" washing powders that contain optical brighteners to both brighten our perception and reflect 99.9% deadly rays. Maybe.

Microsoft rushes out emergency Windows security fix

Gordon Slater
Stop

I got it "up the chuff" 2-3 weeks ago >> classictitlelines.txt

about 2-3 days before Patch Bluesday Oktoberfest I had a isolated XP test machine (linux campus here otherwise - this is just me keeping my hand in) that suddenly showed the shield icon and refused to let me change back to automatic updates. So I airgapped it and blew it to an image. Then set a new install back on test.

Sooooo, after yesterday's teatime confession release I gave it a look over in a new light, and sure enough after a sleuthkit session, traces found of this one. It did not, in itself, disable the auto-updates.

It would have been more professional IMHO if the signatures were released earlier. But it was behind an all incoming blocked firewall. So the delivery was by another vector (I'm working on it, but as I'm not deploying or recommending MS stuff any more it's a rainy day job. "job" being the pun here. priority "number 2" geddit? load of old....)

So "limited, targetted attacks" is being economical with the facts.

1:When should you patch? Well, about 3 weeks ago, is my tip.

2:Infocon yellow is entirely justified. The Yawners need to take a few courses and a reality check.

3:Its the wormability thats frightening here, Droppers are one thing but uncontrollable spread is not what I want on my toast these days

:q!

Gordon Slater
Alert

all hands

Pros take note: you should be doing stuff not reading TheReg today. Chomp on this:

http://www.emergingthreats.net/index.php/component/content/article/1-latest/124-ms08-067-sigs-from-secureworks.html

that is all

Microsoft rushes out emergency Windows update

Gordon Slater

CVE-2006-xxxx

if ONE more person emails me to say "wow - how do you know so early?" - sheesh. It was a joke above -JOKE- , check out the smiley.

They haven't even bothered to patch that 2006 exploit yet

Trusted Computing eh?

I'd rather have everyone on the same debain ssh key than this haha < note that this is also a joke. except, now I think about it, it's still more preferable!

Gordon Slater
Jobs Horns

The reason for the emergency out-of-sequence patch

it's an emergency patch for CVE-2006-2094, here's the link:

http://www.frsirt.com/english/Reference-CVE-2006-2094.php

;)