BTW, here's another attack method, not related to the first article. http://www.scmagazineuk.com/windows-server-update-services-open-to-attack/article/431037/