Microsoft: Worm Attack is Your Fault

Rival hackers have unleashed competing computer worms on the Internet which are designed to exploit recently revealed flaws in various versions of Microsoft's Windows operating systems. The worms are most notable for their arrival speed: They are quickly spreading around the globe less than a week after Microsoft announced the flaws they exploit. Microsoft, however, remains surprisingly unimpressed by the fact that its customers are being forced to take their PC systems offline.

"We are not aware at this time of a new attack," the company noted in a statement it issued last night. "Instead our analysis has revealed that the reported worms are different variations of the existing attack called Zotob. Microsoft has reviewed the situation and continues to rate the issue as a low threat for customers."

This statement bears little comfort for companies such as ABC, Caterpillar Company, CNN, Daimler Chrysler, The Financial Times, Kraft Foods, The New York Times, The San Francisco International Airport, SBC Communications, United Parcel Service (UPS), and Walt Disney, all of which suffered from computer crashes, downtime, and repeated reboots because of the worm attacks. According to reports, there are at least six separate worms that exploit Microsoft's recently-revealed flaws. David Maynor, a security researcher at Internet Security Systems in Atlanta told The New York Times that the hackers responsible were essentially involved in a "turf war" to control computers in the largest networks around the world.

Despite Microsoft's "low threat" assertions, security firms are rating this attack being more severe. Trend Micro is using the "medium" designation to describe the attack, while Symantec grades the Zotob attacks as a 3 on a 1 to 5 scale.

But back to Microsoft, which you'd think would be reaching out to customers and not explaining how they'd be fine if they simply upgraded to XP or installed patches the day they were released. "Zotob has thus far had a low rate of infection," the aforementioned statement continues. "Zotob only targets Windows 2000. Customers running other versions such as Windows XP, or customers who have applied the MS05-039 update to Windows 2000 are not impacted by this attack."

Only Windows 2000, eh? According to AssetMatrix, Windows 2000 is the most-often used Windows version in medium- and large-sized corporations, edging out XP 48 percent to 37 percent. Put another way, roughly half of all Windows installs in corporations are Windows 2000.

So we have an interesting situation. Hackers are now able to exploit Windows flaws within days, and when they do so, corporations are admonished by Microsoft. No offense to the world's largest software company, but that's no way to talk to customers.

End of Article

*yay*

Anonymous User August 17, 2005 (Article Rating:

)

Hey, like many posters here at WinInformant, they're simply assigning blame to the user rather than their swiss-cheese-security software. It's easier to do that than accept responsibility and put the blame squarely where it belongs.

Anonymous User August 17, 2005 (Article Rating:

)

Paul, I agree with your assessment, but I also have to ask who is asleep at the wheel at thos corporations? You would think, no matter which platform they have deployed across their servers and clients, that they would have both a defined patch management solution better than just running Windows Update (such as SUS, WSUS, SMS, or any other litany of patch management packages available), and that they would also have AV software on each desktop, that is both a modern version, and kept up to date on a daily basis. This would greatly mitigate this worm from spreading very far if those simple precautions are taken. I think that infection would be more prevalant in small to midsize businesses that don't have the money or expertise for a full fledged patch management and virus solution, not at big companies with huge bankrolls.

Anonymous User August 17, 2005 (Article Rating:

)

My main question... So does it or does it not effect Windows XP. I just bought a new computer about a month ago. Do I need to worry?

Anonymous User August 17, 2005 (Article Rating:

)

I'll have to agree that more blame needs to be put on the systems administrators. About 50% of our network is Windows 2000. Not one machine has had a problem. Why? Because we use antivirus software. Because we use patch management software. Because we use firewalls.

The point is that the tools are there to be used. Some free of charge. You don't blame Ford when you get something stolen out of your car when you forgot to lock the doors.

MorfiusX August 17, 2005 (Article Rating:

)

"You don't blame Ford when you get something stolen out of your car when you forgot to lock the doors."

Well, I would definitely blame Ford if they sold me a car without locks and something was stolen, which is the case here w/Windows and Zotob and even Blaster.

Anonymous User August 17, 2005 (Article Rating:

)

I'd blame Ford if they sold me a car that LOOKED like it had locks, but actually didn't or locks that could be slim-jimmed with a pencil. I'd also be annoyed if Ford expected me to drop by their service department daily to make sure there wasn't a service patch for my car. And I'd kick Ford's great grand kid square in the nads if he blamed me for not taking the time to drop by his service department to update the POS car he sold me! Maybe we should all consider Linux or Mac instad of Ford - er, Microsoft.

mwrisner August 17, 2005 (Article Rating:

)

If Apple had 90% of the computer market share, would they not also be under the same attacks? Isn't the real issue about building a secure operating system.

Anonymous User August 17, 2005 (Article Rating:

)

I work for a fortune 50 company. I am currently monitoring our networks and our tickets, and so far we have zero reports of this virus on our network.

Why? Because our testing and review process of Microsoft patches is quick. We utilize complete firewall protection. We use up-to-date virus protection.

Blaming Microsoft is Lame, anyone in their position would have to deal with this. I think there a bunch of security professionals who need fired from each of these companies.

This report is lame. Try supporting a company before you pass judgement. This was totally avoidable.

Anonymous User August 17, 2005 (Article Rating:

)

"If Apple had 90% of the computer market share, would they not also be under the same attacks?"

No, that is just plain typical Micro$oft fanatical FUD. If a hacker was able to create a worm/virus that could successfully attack Mac OS X, he'd go down in history for the achievement. It hasn't happened. This is what hackers pursue notoriety.

"Isn't the real issue about building a secure operating system."

Are you not listening?! Apple OS X is far more secure then your precious Windoze.

All ports blocked by default, Zero viruses available for Mac OS X, Zero worms, Zero trojans and Zero ad/spy-ware programs for OS X.

I don't need or even use Antivirus software or a firewall with my copy of Mac OS X, it's that secure!!!

Anonymous User August 17, 2005 (Article Rating:

)

See More Comments 1 2 3 4 5 6 7 8 9 10 11 12

You must log on before posting a comment.

If you don't have a username & password, please register now.