[prev in list] [next in list] [prev in thread] [next in thread] 

List:       patchmanagement
Subject:    If you patched/rebooted and STILL got nailed with Download.Ject/IIS attack, Call PSS, they want to t
From:       "Susan Bradley, CPA AKA Ebitz SBS Rocks [MVP]" <sbradcpa () pacbell ! net>
Date:       2004-06-26 16:26:51
Message-ID: 40DDA3CB.4010604 () pacbell ! net
[Download RAW message or body]

Heads up....
http://msmvps.com/harrywaldron/archive/2004/06/25/8954.aspx


---------------------

Note Microsoft believes that if you installed the updates for MS04-011 
manually or by using Automatic Updates before April 25, 2004, and you 
have restarted your computer, you are already protected against this 
issue. If you find that your computer has been compromised, please 
contact Microsoft Product Support Services (PSS) immediately

Internet Information Services (IIS) 5.0 – Download.Ject Detection and 
Recovery Advisory

http://support.microsoft.com/?kbid=871277 
<http://support.microsoft.com/?kbid=871277>

If you come across someone who feels their fully patched machine has 
been compromised, have them call 1-866-PCSafety right away

----------------------
[or ping one of the Microsoft folks you know because they want to make 
sure this is truly only affecting "unpatched" systems.... so far I'm 
seeing the reports say that the machines were pushed the patches but had 
not been rebooted and thus still vulnerable]


---
To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
[prev in list] [next in list] [prev in thread] [next in thread]