Thai Pirates Crack Microsoft's New Windows System

dmolnar dmolnar at hcs.harvard.edu
Tue Nov 13 17:30:13 EST 2001



On Tue, 13 Nov 2001 ji at research.att.com wrote:

> Has anyone actually analyzed the WU scripts to see what exactly they
> are sending, and whether they have any covert channels to send information
> back?
>

On a separate note, what does WU do to prevent replays of bad bugfixes?
This article
http://news.zdnet.co.uk/story/0,,t274-s2098939,00.html
mentions a patch which closed down Win2K Terminal Services. What prevents
someone from causing WU to accept this patch (perhaps in conjunction
with a compromise of DNS) in order to mount a denial of service attack?
I poked around the Microsoft site a bit, but did not find many details;
then again I haven't looked particularly hard yet.

While we're at it, does anyone know whether a good treatment of "issues in
secure upgrades" exists?

-David




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list