Re: Kaspersky doc (not OT)

From: Paul Drake <>
Date: Tue, 17 Feb 2015 09:50:23 -0500
Message-ID: <>


Thanks for the reply.
Based upon timing it may have been aimed at app owners and users and not for db servers as "real" databases weren't likely on wintel then. I do have to wonder if they would have managed to code around the Pentium IV bug.

On Feb 17, 2015 9:41 AM, <> wrote:

> Hi Paul,
> It’s my understanding that the conference in Houston referenced on page 15
> was a scientific conference not related to Oracle. The Oracle CD incident
> is separate and was likely to have been highly targeted at a specific
> “customer”. Safest thing to do is, if you are concerned, is update your
> anti-virus software with the latest signatures and run a full scan.
> Co-incidentally, I’m running a full scan right now with the MS Malicious
> Software Removal Tool :)
> Cheers,
> David
> From: Paul Drake
> Sent: Tuesday, February 17, 2015 2:24 PM
> To: oracle-l
> Subject: Kaspersky doc (not OT)
> Might anyone have attended a conference in Houston that had bonus material
> provided on physical media?
> I'm referring to page 15 of the doc referred to from the site
> .
> Oracle corp did not start to provide hashes/digests until relatively
> recently. Getting software on CDs would have bypassed downloading the
> software.
> Where I want to go with this is to attempt to determine if any systems
> were in fact compromised in the past.
> I doubt that such a vector was limited to a single conference.
> Paging David Litchfield, Pete Finnegan and Paul Wright ...
> Paul Drake

Received on Tue Feb 17 2015 - 15:50:23 CET

Original text of this message