f



Re: Corrupted PC's Find New Home in the Dumpster #11

In article <telecom24.337.5@telecom-digest.org>, DevilsPGD
<spamsucks@crazyhat.net> wrote:

> While true, the vast majority of malware released post-XPSP2 requires
> explicit user intervention to install it.

Maybe. It's also true that a lot of pre-XPSP2 malware is still
circulating. Do you have any idea how long it takes to download and
install something like SP2 when all you have is a 33Kbaud dial-up
connection? And that's assuming the systems are set to automatically
download and install updates.

I support many people on dialup. In spite of what the government wants
you to believe about broadband coverage, there are a LOT of people who
can't get it, and the phone companies have no incentive to invest in
the infrastructure to provide it. None of the ones I visit ever have
SP2 installed, or even most of the earlier updates. I always take a CD
full of updates along with me to do it for them.

And a dial-up connection has no firewall, and typically has all of the
default services still enabled.

Even unpatched new systems (with SP2) are at risk. A number of the
exploits take advantage of IE holes that don't require any more user
involvement than retrieving content from a malicious web site or
accessing malicious email (sometimes just the preview pane is enough,
sometimes not even that is needed) thanks to Outlook/OE integration
with IE.


John Meissen                                  jmeissen@aracnet.com

0
jmeissen
7/24/2005 11:32:05 PM
comp.dcom.telecom 29623 articles. 2 followers. nmclain (7) is leader. Post Follow

0 Replies
342 Views

Similar Articles

[PageSpeed] 15

Reply: