Internet Security Update

Gregory Alan Bolcer gbolcer@endeavors.com
Sun, 10 Mar 2002 09:03:01 -0800


Udhay Shankar N wrote:
> 
> At 08:28 AM 3/10/02 -0800, Gregory Alan Bolcer wrote:
> >I'm still getting used the idea that Microsoft is
> >sending out non-signed .exe files in direct mailings
> >to customers for security fixes--particularly after the
> >Verisign debacle last year when they issued a root
> >certificate for someone pretending to be Microsoft.
> >
> >Isn't there a better way to do this?
> 
> You've been social engineered. See below.
> 
> Udhay
> 

Well, I think the first thing I did was go to the MSFT
site and see if there really was a patch.  If you mean socially
engineered to "must go to Microsoft.com" then I fell for it.  8-)

Greg