TweakTown
Tech content trusted by users in North America and around the world
5,923 Reviews & Articles | 38,168 News Posts

MSO9-008 does nothing if you are already infected

MS says it is not supposed to

| Posted: Mar 16, 2009 7:45 pm

Microsoft might have made a blunder with one of their latest patches; MSO09-008.

 

This patch was intended to fix an issue with the way Windows handles DNS, WINs and the man-in-the-middle attacks.

 

Unfortunately if you have already been exposed to one and your system compromised the patch won't do you a whole lot of good. Microsoft is saying this is the expected behavior as the patch was meant to fix unaffected systems and not ones already compromised.

 

Read more here

 

MSO9-008 does nothing if you are already infected

Tyler Reguly, a researcher on nCircle's VERT team, pointed out that the patch checks to see which entries have been created in the DNS server and only adds block list entries for values not already being served.

 

Vole said the patch worked like it was supposed to, and was not meant to protect people who had already fallen to the exploit... so there

 

Related Tags

Further Reading: Read and find more news at our news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases