Network Security: Detailed info on RE: Microsoft mydoom removal tool via SUS

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Virus

[Top] [All Lists]

RE: Microsoft mydoom removal tool via SUS

from [Eric McCarty] Network Security

[Permanent Link]

Subject:	RE: Microsoft mydoom removal tool via SUS
Date:	Wed, 11 Aug 2004 07:56:58 -0700

If you approve it for update in SUS Admin it will deploy it whether
workstations are infected or not. Uncheck it in the Approved updates
section and it will no longer be an issue.

Eric 

-----Original Message-----
From: Dan Denton [mailto:ddenton@PAYLESSOFFICE.com] 
Sent: Wednesday, August 11, 2004 7:42 AM
To: focus-virus@securityfocus.com
Subject: Microsoft mydoom removal tool via SUS

We use SUS to distribute updates to our workstations and one of the
updates that frequently shows up is the Mydoom removal tool. The
description says that the appearance of this update is a sign of
infection, but none of my systems show infection in Symantec's SSC, and
Eeye's mydoom scanner shows nothing as well. Has anyone else had this
issue? I assume at this point that it's a false positive, but I'm
checking all my bases. 

I apologize if this post is better suited to focus-ms.

Dan Denton
Information Technology Manager, CCNA
Pay-LESS Office Products

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Microsoft mydoom removal tool via SUS, Dan Denton Re: Microsoft mydoom removal tool via SUS, Paul Kurczaba RE: Microsoft mydoom removal tool via SUS, Eric McCarty <= RE: Microsoft mydoom removal tool via SUS, Eric McCarty RE: Microsoft mydoom removal tool via SUS, Dan Denton RE: Microsoft mydoom removal tool via SUS, Dan Denton

Previous by Date:	RE: Playing with Viruses on windows, Castigliola, Angelo
Next by Date:	RE: Microsoft mydoom removal tool via SUS, Eric McCarty
Previous by Thread:	Re: Microsoft mydoom removal tool via SUS, Paul Kurczaba
Next by Thread:	RE: Microsoft mydoom removal tool via SUS, Eric McCarty
Indexes:	[Date] [Thread] [Top] [All Lists]