www.nettime.org Nettime mailing list archives
| Bruce Sterling on Thu, 11 Sep 2003 16:30:20 +0200 (CEST) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| <nettime> Here comes the next MSBlaster |
*Normally I wouldn't trouble nettime with boring, everyday
comp-security alerts, but that Blaster worm was created
so quickly that I estimate you have about 28 days tops
before every unpatched Windows-user you know gets
whacked by an exploit of this thing.
*Here are your choices, Windows users:
1. Do nothing; get repeatedly infected and trampled by a planetfull
of increasingly well-organized virus-phreak malcontents
2. Give Bill Gates the free, unilateral run of your system
by installing "Windows Auto Update"
3. Spend all your own free time patching, ie sticking fingers into the dike
and dodging the crossfire.
4. Get Linux or a Mac.
*This is a quagmire. It's gonna get a lot worse before it
gets better, if it ever gets better at all -- bruces
From: Dave Farber <dave {AT} farber.net>
Date: Wed Sep 10, 2003 04:05:24 PM US/Central
To: ip {AT} v2.listbox.com
Subject: [IP] *Another* critical Windows flaw
Reply-To: dave {AT} farber.net
http://money.cnn.com/2003/09/10/technology/microsoft_flaw.reut/index.htm?cnn=
yes
Microsoft warns of new Windows flaw
Software maker says security flaw is similar to one that hackers exploited
to create Blaster worm.
September 10, 2003: 4:01 PM EDT
SAN FRANCISCO (Reuters) - Microsoft Corp. warned computer users Wednesday
about a new critical security hole in its Windows operating system that
could allow an attacker to gain control over a computer, delete data and
install unwanted programs.
The vulnerability is similar to one that Microsoft warned about in July,
which experts called one of the worst to hit a software program in years
because of the broad number of Windows systems affected.
Within a month, the Blaster Internet worm surfaced, taking advantage of
that security hole in Windows. The worm eventually infected an estimated
hundreds of thousands of machines.
Hackers apparently have not yet targeted the newly announced vulnerability,
said Jeff Jones, senior director of Trustworthy Computing security at
Redmond, Wash.-based Microsoft.
But with any critical flaw, "we have a worry that history has shown us
there are malicious individuals out there that could create an attack of
some sort against it," he said.
Blaster, also dubbed MSBlast and LovSan, crashed many of the computers it
infected and tried to launch an unsuccessful attack on a Microsoft software
download Web site.
The operating systems affected by the latest security vulnerabilities are
Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003. Older
versions of Windows, including Windows Millennium, Windows 98 and Windows
95, are not affected, the company said.
Both the software flaw targeted by the Blaster worm and the new security
hole are related to the Distributed Component Object Model service that is
hosted by a Remote Procedure Call feature in Windows. Those features allow
software applications to work with each other across a computer network.
Instant replay
"It's pretty much like instant replay," said Marc Maiffret, chief hacking
officer at eEye Digital Security, which discovered the latest critical flaw.
"I can't even imagine the frustration level administrators will be feeling
today," he said.
There are critical Windows flaws occasionally, but "never before have we
had another one so soon," he said, adding that he thinks there is a good
chance there will be another worm that will exploit the new flaw.
Since early last year, Microsoft has made software security a top priority
in an attempt to address rising customer concerns about the spread of
viruses and hacker attacks.
Last week Microsoft warned of an important flaw in its Office software that
could enable a malicious programmer to create documents that would launch
attacks on unsuspecting users.
There have been about 40 warnings from Microsoft of security flaws, rated
either critical, important, moderate and low, since the beginning of this
year, according to data posted at the Microsoft security bulletin Web site.
Last year, there were a total of 72 bulletins issued, Jones said.
Jones advised Windows users to get information and download a patch that
fixes the critical vulnerabilities, as well as other less-serious ones the
company discovered. The patch is available from <http://www.microsoft.com/
security>www.microsoft.com/security.
Microsoft is also urging customers to install a firewall to block out
intruders and enable the Windows auto update feature, which allows security
and other software to be updated and installed automatically. The Web site
for that is <http://www.microsoft.com/protect>www.microsoft.com/protect.
Microsoft credited outside researchers for finding the new critical and
non-critical vulnerabilities. Besides eEye Digital Security, it named
NSFOcus Security Team, and Xue Yong Zhi and Renaud Deraison from Tenable
Network Security as contributors. <http://cnnmoney.printthis.clickability.
com/pt/#TOP>
# distributed via <nettime>: no commercial use without permission
# <nettime> is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: majordomo {AT} bbs.thing.net and "info nettime-l" in the msg body
# archive: http://www.nettime.org contact: nettime {AT} bbs.thing.net
tel