Richard M. Smith posted a rather funny message to the FunSec Mailing list this evening.
------------------------------------------
http://online.wsj.com/article/SB113630873566736620.html?mod=yahoo_hs&ru=yahoo
Microsoft Readies Fix As New Virus Spreads
By CHRIS REITER DOW JONES NEWSWIRES
January 3, 2006 1:20 p.m.
Microsoft Corp. plans to release on Jan. 10 a patch for a new Windows security flaw that is being exploited by a rapidly spreading computer virus strain known as "metasploit."
The virus surfaced last week as hackers took advantage of a flaw found in current server and desktop versions of Windows. It is considered serious because it requires relatively minor user interaction to be unleashed. The virus is carried in picture files and can be triggered if an image is viewed in an email or on an infected Web site.
---------------------------------------------
How could they be so wrong? Metasploit (MSF) isn't a virus, it is a tool (a pretty good tool IMHO). This tool does contain exploits that could be used combined with a payload to create a virus.
A tool is neither good nor bad, just like a knife itself is neither good nor bad. Tools are static; actions decide how the tool is viewed in most cases.
In court, a knife is seen as a "deadly weapon" but on Food TV, a knife is seen as an essential piece of equipment that no kitchen would dare be without.
Hopefully someone will point out the mistake to the WSJ. Metasploit is a very invaluable tool and it is sad to see its name misused this way.
When will WSJ report on the "PacketStorm" virus?? lol
No comments:
Post a Comment