Re: I Just Head The Entire State Of New York Has A Power Outage
From: The Kung Fu Hippie From Gangsta City (spamspamspam_at_spam.spam)
Date: 08/15/03
- Next message: Bit Twister: "Re: I Just Head The Entire State Of New York Has A Power Outage"
- Previous message: Bit Twister: "Re: how to keep /home across a fresh install"
- Next in thread: Bit Twister: "Re: I Just Head The Entire State Of New York Has A Power Outage"
- Reply: Bit Twister: "Re: I Just Head The Entire State Of New York Has A Power Outage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 15 Aug 2003 18:06:15 GMT
"Luca" <bobbito@balcab.ch> wrote in news:3f3d11bc$1@news.swissonline.ch:
>
> "Steve S. Jackson" <stevesjackson@earthlink.net> wrote
>> The wires are now saying it was a generator in Ohio. We may
>> never know.
>
> In a German online paper I've read an article on how the Lovsan worm
> could have had something to do with it. The central power station used
> unpatched software which had exactly that type of hole... Dunno if
> there's anything out like this in English and I can't be bothered to
> translate the whole thing right now. Maybe tomorrow if by then they
> haven't nailed a couple of Saudis for it.
>
> Luca
>
Windows Update flaw 'left PCs open' to MSBlast
Munir Kotadia
ZDNet UK
August 15, 2003, 14:40 BST
A flaw in Windows Update caused some organisations - including the US
Army - to wrongly believe they were protected from MSBlast, according to
a researcher
A flaw in Windows Update -- Microsoft's online tool that lets customers
update their operating system with patches and fixes -- enabled the
MSBlast worm to infect computers that appeared to have already been
patched, according to a security expert.
The flaw led to a US Army server, among others, falling victim to
MSBlast, according to Russ Cooper, chief scientist at security company
TruSecure.
Windows Update works by adding an entry into the system registry every
time it installs a patch. When users log on to the update tool, it scans
their registry and offers them a list of patches that have not yet been
installed. Cooper said that this mechanism was found to be flawed.
"We found that people had got the registry key for the patch, but not the
file," he said, explaining that the error could be triggered by a number
of reasons -- from an incomplete installation to a lack of system
resources.
"If you go to Microsoft's site and say, 'tell me if I am up to date', and
it says 'you are up to date', but you are not, what are you supposed to
do?" he said.
In order to fix the problem, Windows Update should be looking for the
actual fix rather than just a registry entry, Cooper argued. This feature
is already included in the tool, but is not "fully enabled", Cooper said.
He recommends that users should run the Microsoft Baseline Security
Analyzer (MBSA) as an alternative to Windows Update for checking to see
if patches have been correctly installed. MBSA is also designed to look
for security problems in the Windows registry and can be downloaded free
from Microsoft's Web site.
Microsoft did not respond to requests for comment on the Windows Update
issue.
Patching has been a thorn in Microsoft's side, with companies complaining
that it takes far too long to implement patches because of the
compatibility testing that is necessary before deploying them to
thousands of servers and desktops. Additionally, the sheer volume of
patches being generated by Microsoft means that companies are finding it
difficult to keep up.
Stuart Okin, chief security officer at Microsoft UK, admitted that
Microsoft customers spend too much time fixing their systems: "Our
customers don't necessarily have the programmes, processes and
environments in place to deal with dynamic changes," he said. He admitted
that companies have had problems deploying the patch to thousands of
workstations or servers "within the space of four weeks" -- approximately
the time between when the vulnerability was discovered and the worm was
released.
Last year, Microsoft launched its Trustworthy Computing Initiative, which
included retraining its programmers to ensure their code was written with
security in mind and involved an overhaul of its entire patching system.
Okin said that within two years, Microsoft will have made significant
changes to its Windows Update service. The company is planning on
introducing a single update source -- probably called Microsoft Update --
which will be capable of updating all of the Microsoft products installed
on a computer.
Do you have a horror story related to the spread of the MSBlast worm? If
so, add TalkBack below or write to the mailroom.
-- Can I borrow a feeling? http://www.mp3.com/gortician Bass for your anus: http://www.mp3.com/manticore http://www.mp3.com/meterversusyard http://www.mp3.com/highc http://www.mp3.com/measurerecords "[The artwork of Andrew Penland] is REAL...what I mean by "real" is that it made NEW THOUGHTS occur in my head, which would have never otherwise occurred." --Full Force Frank
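The check Cooper argues for in the article above (look for the actual fix, not just the registry entry), sketched as an added example that is not part of the original post or the ZDNet article. It is a model, not Windows Update's code: a Python set stands in for the registry markers, and the patch IDs, file paths and file contents are constructed placeholders.

```python
import hashlib
import tempfile
from pathlib import Path

def audit_patches(claimed, manifest, root):
    """Check each patch's file on disk, not just its 'installed' marker.

    claimed: patch IDs the marker store lists (stand-in for the registry).
    manifest: {patch_id: (relative_path, expected_sha256)}.
    """
    report = {}
    for patch_id, (rel_path, expected) in manifest.items():
        target = Path(root) / rel_path
        if not target.is_file():
            on_disk = "missing"
        elif hashlib.sha256(target.read_bytes()).hexdigest() != expected:
            on_disk = "stale"
        else:
            on_disk = "ok"
        marker = patch_id in claimed
        if on_disk == "ok":
            report[patch_id] = "installed" if marker else "installed-unrecorded"
        elif marker:
            # The case from the article: marker present, fix not on disk.
            report[patch_id] = f"FALSE-POSITIVE ({on_disk} file)"
        else:
            report[patch_id] = "not-installed"
    return report

def demo():
    """Audit a constructed system image built in a temporary directory."""
    fixed = b"patched build (constructed sample bytes)"
    old = b"vulnerable build (constructed sample bytes)"
    good = hashlib.sha256(fixed).hexdigest()
    manifest = {f"PATCH-{c}": (f"sys/{c.lower()}.dll", good) for c in "ABCD"}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "sys").mkdir()
        (root / "sys/a.dll").write_bytes(fixed)  # A: marker set, file replaced
        (root / "sys/c.dll").write_bytes(old)    # C: marker set, old file left
        (root / "sys/d.dll").write_bytes(old)    # D: no marker, never patched
        claimed = {"PATCH-A", "PATCH-B", "PATCH-C"}  # B: marker, file absent
        return audit_patches(claimed, manifest, root)

if __name__ == "__main__":
    for patch_id, status in sorted(demo().items()):
        print(patch_id, status)
```

A marker-only check would report A, B and C as patched; comparing the file against the expected hash shows that only A actually is.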