Internet Security Update
Gregory Alan Bolcer
gbolcer@endeavors.com
Sun, 10 Mar 2002 09:03:01 -0800
Udhay Shankar N wrote:
>
> At 08:28 AM 3/10/02 -0800, Gregory Alan Bolcer wrote:
> >I'm still getting used the idea that Microsoft is
> >sending out non-signed .exe files in direct mailings
> >to customers for security fixes--particularly after the
> >Verisign debacle last year when they issued a root
> >certificate for someone pretending to be Microsoft.
> >
> >Isn't there a better way to do this?
>
> You've been social engineered. See below.
>
> Udhay
>
Well, I think the first thing I did was go to the MSFT
site and see if there really was a patch. If you mean socially
engineered to "must go to Microsoft.com" then I fell for it. 8-)
Greg