All Things Microsoft > Microsoft as a Company
RPC worm
jasonlane:
quote:Originally posted by SirRoss:
Has anyone connected this with the huge powercut in america i was just thinking of that also i've got my whole old networkd running and on an auto timer to connect tonight at 11:00 lol but back to the powercut has anyone thought of that?
--- End quote ---
I have been praying, so very, very, very hard that it is connected. It would really be the begining of the end of M$ if that were true, billions if not trillions of dollars lost, lot's pissed people, Gov agencies etc.....
However it probably isn't :(
Power stations are not (I think, although they recieved certification last year?) allowed to use Windoze for mission critical systems. They shouldn't be at any rate.
:(
raptor:
oh ya like this http://news.com.com/2100-1002_3-5064433.html?tag=fd_top will help!
oh and saturday may be M$ doom day, with huge DoS attack planned.
[ August 15, 2003: Message edited by: raptor ]
mobrien_12:
quote:Originally posted by Zardoz:
Power stations are not (I think, although they recieved certification last year?) allowed to use Windoze for mission critical systems. They shouldn't be at any rate.
--- End quote ---
People think the chain reaction started in Canada. Do they use windows for power stations in Canada?
It might be too much to expect the worm and blackout to be related... on the other hand it is one heckofa coincidence.
blackphiber:
just found on slashdot that www.windowsupdate.com now has a Linux server up, just put it up the day before the attack. I can see it now billy saying that it went down because someone set up a linux server for it. Scarry thing is windows users might belive it. windowsupdate.com
although the netbock owner is not MS but still I find it entertaining. Linux just might keep it up for MS and then gates might praise his crappy software more. *throws middle finger up*
Faust:
quote:
A flaw in Windows Update caused some organisations - including the US Army - to wrongly believe they were protected from MSBlast, according to a researcher
A flaw in Windows Update -- Microsoft's online tool that lets customers update their operating system with patches and fixes -- enabled the MSBlast worm to infect computers that apeared to have already been patched, according to a security expert.
The flaw led to a US Army server, among others, falling victim to MSBlast, according to Russ Cooper, chief scientist at security company TruSecure.
Windows Update works by adding an entry into the system registry every time it installs a patch. When users log on to the update tool, it scans their registry and offers them list of patches that have not yet been installed. Cooper said that this mechanism was found to be flawed.
"We found that people had got the registry key for the patch, but not the file," he said, explaining that the error could be triggered by a number of reasons -- from an incomplete installation to a lack of system resources.
"If you go to Microsoft's site and say, 'tell me if I am up to date', and it says 'you are up to date', but you are not, what are you supposed to do?" he said.
In order to fix the problem, Windows Update should be looking for the actual fix rather than just a registry entry, Cooper argued. This feature is already included in the tool, but is not "fully enabled", Cooper said.
He recommends that users should run the Microsoft Baseline Security Analyzer (MBSA) as an alternative to Windows Update for checking to see if patches have been correctly installed. MBSA is also designed to look for security problems in the Windows registry and can be downloaded free from Microsoft's Web site.
Microsoft did not respond to requests for comment on the Windows Update issue.
Patching has been a thorn in Microsoft's side, with companies complaining that it takes far too long to implement patches because of the compatibility testing that is necessary before deploying them to thousands of servers and desktops. Additionally, the sheer volume of patches being generated by Microsoft means that companies are finding it difficult to keep up.
Stuart Okin, chief security officer at Microsoft UK, admitted that Microsoft customers spend too much time fixing their systems: "Our customers don't necessarily have the programmes, processes and environments in place to deal with dynamic changes," he said. He admitted that companies have had problems deploying the patch to thousands of workstations or servers "within the space of four weeks" -- approximately the time between when the vulnerability was discovered and the worm was released.
Last year, Microsoft launched its Trustworthy Computing Initiative, which included retraining its programmers to ensure their code was written with security in mind and involved an overhaul of its entire patching system.
Okin said that within two years, Microsoft will have made significant changes to its Windows Update service. The company is planning on introducing a single update source -- probably called Microsoft Update -- which will be capable of updating all of the Microsoft products installed on a computer.
--- End quote ---
I've been having a few arguments recently with people who claim that "all you need is a firewall and regular patching and you're secure!" So nice to be proved right...
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version