Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: Microsoft Critical Updater Security

Re: Microsoft Critical Updater Security

Lucky Green (shamrockNETCOM.COM)
Sun, 24 Jan 1999 14:15:49 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: mnemonix: "Re: Advisory: IIS FTP Exploit/DoS Attack"
Previous message: Jan B. Koum: "Re: SSH 1.x and 2.x Daemon"
In reply to: Erik Parker: "Microsoft Critical Updater Security"
Next in thread: Gale S. Ringley: "Re: Microsoft Critical Updater Security"

When I went through the same procedure, Critical Update installed a new
version of the Critical Update control upon accessing the update site.
However, it did ask me if I wanted to install it. Perhaps you once clicked
the "Always trust software from Microsoft Corporation" in the Authenticode
popup? In that case, code signed by Microsoft might auto-install.

--Lucky Green <shamrocknetcom.com>
  PGP 5.x  encrypted email preferred

> -----Original Message-----
> From: Bugtraq List [mailto:BUGTRAQnetspace.org]On Behalf Of
> Erik Parker
> Sent: Saturday, January 23, 1999 03:34
> To: BUGTRAQnetspace.org
> Subject: Microsoft Critical Updater Security
[...]

> Well, The popup says "Hey, critical update available, shall
> we go check
> it out?". Iexplorer opens up (note, you can't use netscape
> for updating).
>
> It took longer to load than usual, because it downloaded and
> installed..

Next message: mnemonix: "Re: Advisory: IIS FTP Exploit/DoS Attack"
Previous message: Jan B. Koum: "Re: SSH 1.x and 2.x Daemon"
In reply to: Erik Parker: "Microsoft Critical Updater Security"
Next in thread: Gale S. Ringley: "Re: Microsoft Critical Updater Security"