Editor Microsoft Hides Behind Linux
- as Worms Eat Windows.
23-Aug-03 - updt 10-Sep-03


Home

Index

Services

19-May-03
SCO sues IBM

15-May-03
RIAA vs Peer-to-peer

30-Mar-03
Office Depot Aids Monopoly

23-Feb-03
2003 & Beyond

2-Jun-02
You've got Klez!

13-Apr-02
MS Office .NET

28-Jan-02
The DoJ Settlement

04-Aug-01
Tech Stocks Tank

04-Aug-01
MS Guns for Intuit

04-Aug-01
.Net Gains Speed

15-Jul-01
Court of Appeals: Guilty!

13-Jul-01
Back in Operation

09-Feb-01
Software Licensing

15-Jan-01
Is Linux for Your Business?

1-Jan-01
Predictions

25-Dec-00
Microsoft Invades Accounting

21-Dec-00
.Net Takes Shape

24-Nov-00
The Next Windows

08-Oct-00
Winds of Change

23-Jun-00
Microsoft .Net

10-Jun-00
Microsoft strikes out at Linux

7-Jun-00
Tried, Guilty, Sentenced

28-May-00
OS/2 Finally Dead

11-May-00
The ILOVEYOU Worm

6-Apr-00
What's to be done with Microsoft

25-Mar-00
Our Web comes alive again

A year and a half after Bill Gates' high profile launch of Microsoft's "Trustworthy Computing" initiative, we continue to be treated to ever more damaging security problems of all kinds, but particularly fast moving worms and trojans exploiting Windows flaws.

The Blaster worm (A5) exploited a flaw in the newest versions of Windows, including Windows Server 2003 which was released more than a year after launch of "Trustworthy Computing".

This flaw was so serious the Department of Homeland Security twice pleaded with American businesses to patch their computers. Unfortunately, many PCs vulnerable to Blaster are home PCs and SOHO (Small Office Home Office) PCs who's owners didn't hear the warning and wouldn't have a clue how to deal with it if they had.

Blaster was followed immediately by the W32/SoBig.F worm (A3), which blew the W32/Klez.H worm right off the charts as the fastest infecting email worm ever.

SoBig.F was followed immediately by announcement of three more critical flaws (A7) in Windows allowing attackers to "run arbitrary code", and news of the Voyager Alpha Force SQL worm (A6) followed that.

A cluster of 6 new vulnerabilities (A22) was anounced on 3 SEP including a "Critical" flaw in all Microsoft Office products from Office 97 on, including Microsoft Great Plains, Solomon and Dynamics (Navision) accounting applications (A20,A21). The flaw, if not patched, will allow hackers complete control of your computer - but not to worry, hackers probably don't understand debits and credits any better than your bookkeeper does.

This critical flaw, and nearly all others found in recent months, were found not by Microsoft's Trustworthy Computing initiative, but by third party investigators who do not have the source code. A major worm or attack based on this flaw should appear in 4 to 8 weeks, and most Windows PCs will not be patched to defend against it.

Two others flaws in this cluster are rated "Important". Since these can be used to format your hard disk, I'd consider them "Critical", but Microsoft added the "Important" category last year in a desparate move to cut down on the number of "Critical" flaws announced.

And the vaunted Blaster patch turns out to be as porous as the code it patched, so there's now a Critical patch for the Critical Blaster patch to stop more blaster type attacks from going throught the patch (A28). Good news for all you who have just finished installing your Blaster patches.

And three more Critical flaws on 10-Sep-03, two of which allow Blaster type worms and complete takeover of your computer (A27)! A working exploit was distributed on the Intenet within 6 days (A29). Microsoft has published a seive and expects every Windows user to stop and plug each and every hole one at a time,

Yay!! Yet another fast moving Worm on 18-Sep-03, W32/Swen.A, and this one defends itself by disabling Windows features and disabling antivirus software, so it's unusually difficult to remove. Instructions here

Ooooops! 5 more flaws 15-Oct-03 - 4 of them "critical" one "important" and they all affect the post Trusted Computing super secure Windows 2003 Server (A35). Oh yes, one other thing, there's now a patch to patch the patch that patched the patch for the RPC flaw (A36).

By the first week of November, 2003 things looked so bad Microsoft resorted to the desperate measure of posting $250 Thousand cash bounties on the writers of the Blaster and SoBIG.F worms - greatly enhancing their prestige within their peer group (A37).
(Top)

Microsoft Protects Microsoft

Microsoft's own Web servers were directly threatened by the Blaster worm, so they took steps to minimize damage by hiding their Windows 2003 / IIS servers behind the Linux servers of Web caching service Akamai (A1).

Under this scheme Web pages requested from www.microsoft.com are actually delivered by the Akamai Linux servers. These servers in turn get any requested page they don't already have from the Microsoft Windows 2003 servers, protecting those vulnerable machines from overload.

Strangely, Netcraft shows Microsoft's site to be using Microsoft IIS (Internet Information Server) running on Linux. This is impossible because Microsoft makes sure it's server applications can run only on Windows. Akamai's servers almost certainly run a version of the open source Apache Web server, they are just passing the IIS headers through.

Why would Microsoft accept certain embarrassment by selecting a Linux based service while they're spending millions to convince people the open source Linux operating system is inferior to Windows in every way? Probably because nobody in his right mind would try offering this kind of service using Windows servers. Given performance, security, administration customization and cost issues, open source products win on every count.
(Top)

Why Weren't Computers Patched?

Microsoft issued patches for the vulnerability Blaster exploited a month before Blaster appeared, yet hundreds of thousands of vulnerable machines were left unpatched. This is typical of other vulnerabilities as well. Why?

Microsoft issues major patches at least every 2 weeks. Windows isn't centralized so those patches have to be rolled out to each individual machine. Microsoft's patching tools are difficult to use and work under only certain circumstances and with certain Service Packs. It's difficult to find out if a machine has been patched or not, or if the patch actually worked.

Even skilled administrators are slow to patch because Microsoft's patches often cause other problems, including software incompatibility, instability and failure of computers to boot. There are often patches to fix the patches and sometimes the patches don't fix the vulnerability (A24). If something goes wrong, Microsoft provides no way to back the patch out, you have to completely reinstall Windows, all the previous patches, and all your applications (because the registry is blown away). You've spent all day and you've still got an unpached system - now what?.

OK, I have been informed by ZDNet columnist Josh Mehlman that a Windows patch can sometimes be backed out (A31). I doubt many system administrators feel comfortable that the uninstall for a patch that just screwed up their system works perfectly, so a reinstall is still prudent even if backout is available - and you still have an unpatched system.

Sometimes the patches don't work anyway, and themselves have to be patched, as with recent Internet Explorer patches and the Blaster patch itself (A24, A32, A28).

Patched machines tend not to stay patched. Some patches and updates have negated previous patches, and every time you have to reinstall Windows, all the updates and patches have to be applied all over again. It's practically impossible to patch every machine on a large network anyway, yet just one unpatched machine can bring the whole network down. Here's more on patching problems.

So lets say your company has 8000 computers (or 8 for that matter). Do you have sufficient staff to keep up with all these patches and apply them to all your machines promptly, despite thedifficulties noted? I imagine not, and nor does any other company. System administrators are getting damned pissed at Microsoft calling them "lazy" every time a new worm goes wild, too.

The biggest problem with all this is patching doesn't work as an effective defense (A17). The best it can do is make things a little better, at considerable expense. Some security analysts consider the continuous cycle of difficult and unreliable patching more costly than the worms.

Microsoft announced patches for six more "Critical" vulnerabilities within four weeks of Blaster, and a couple of "Important" (almost critical) ones. Have you patched all your computers? Are you going to?

Administrators say they simply can't stand for much more of this nonsense (A14). Microsoft, in desperation, is turning to the idea of automatic patching, but this has plenty of problems of its own - aside from being in violation of U.S. banking law and the new HIPAA laws for the health care industry. Given the recent history of Microsoft's patches this would be a disaster on wheels.

Suppose one of your critical systems gets patched automatically and doesn't boot or run your software any more and you don't know why. When you finally figure it out, your first impulse might be to sue Microsoft for damages, but the EULA you "signed" says they don't warrant their software to work or to be "suitable for any purpose", and they've got a whole pod of lawyers to back that up. The EULAs for Windows XP, 2000 SP2 and 2003 specifically allow them to enter your network and diddle your computers without liability for damages.
(Top)

Wouldn't Any Other System be as Vulnerable?

That's Microsoft's official line, but it isn't true. While every system is vulnerable to attack, the ease with which Windows systems can be compromised, the number of vulnerabilities, and the speed with which attacks can propagate are unique to Windows.

For a concrete example showing the defect in Microsoft's argument, look at Internet Web servers. The open source Apache Web server running primaily on open source Linux and BSD operating systems has more than twice the market share of Windows and IIS (Internet Information Server), yet it's the Microsoft products that have earned a reputation for poor security.

A recent Linux worm was listed as infecting "1 to 5 computers". A really bad Linux worm (Slasher) infected less than 6000 (vs. hundreds of thousands within hours for a typical Windows worm) and was easily eradicated (A8). BSD Unix servers have an even better record. There are millions of Linux and BSD computers fully exposed to the Internet - the Internet runs on them.

Let me be clear that other system can be made insecure through intent or stupidity. A prime example is "lowest cost" systems from WalMart running the Lindows version of Linux. Lindows imitates Windows "ease of use" by encouraging regular users to run as root - the worst security mistake you can possibly make on a Unix/Linux system. Even so, they're not as bad as Windows because they lack the "tight integration" and automation tools Windows comes with.

Security problems with Windows are legion, and many experts consider it too broken to fix, ever. Windows was created as a single user system unconnected to any network, never mind one as dangerous as the Internet. It was designed to be "feature rich" and "user friendly", fully integrating all computing functions "seamlessly", with no barriers. All the tools a worm or virus writer needs are included in Windows by default. More and more network functions continue to be integrated deeply into Windows (to lock out competitors) with few if any safeguards.

Microsoft completely ignored security until recently by their own admission, because "people wouldn't pay for it". The only reason they're paying lip service to it now is because it's become a major public relations problem. A system with this heritage can't be fixed retroactively, and exposing Windows computers to the Internet is not prudent.

Here's more on the reasons for Windows' vulnerability, and more here (A2), and an article from Security Focus (A33), and, to be fair, a rebuttal from Sophos, a company who's income is derived entirely from Windows vulnerabilities (A34)..
(Top)

Danger Goes Far Beyond Your Computer

Dangers from connecting a Windows PC to the Internet go far beyond damage to the PC, theft of financial information including credit card and banking information and other obvious risks.

Take the case of Julian Green, who was recently acquitted in court on false charges of distributing child pornography. Mr. Green was arrested, hauled off to jail, lost custody of his daughter, lost his home, lost all standing in the community, and ran up huge legal fees in a 9 month battle to prove he was not guilty (A4).

Mr. Green was entirely unaware that a trojan program had concealed a library of illegal child pornography on his PC and was using his PC to make this content available for download on the Internet. Law enforcement tracked the content to Mr. Green's PC and hauled him off to jail. Given the current hysteria over child abuse, the law wasn't about to "let one get away".

Aside from hosting pornography and other dangerous content on the PCs of innocent people, worm delivered trojans are used to launch DDoS (Distributed Denial of Service) attacks and to relay spam (Unsolicited Commercial Email) so it looks like it came from your PC.

Yes, this can happen to you. Sure, I hear you, but Mr. Green didn't expect it to happen to him either. Please see the section How Can I Protect Myself for how you can minimize your risk.

Please be aware - worms and viruses are not the only conveyance by which trojan and "back door" programs can be placed on your computer. Simply browsing Web pages with Internet Explorer can do it if you visit an infected site (A25), and the site owner may be completely unaware his site has become infected.
(Top)

Why It's Going to Get a Lot Worse

Eradicating worms and viruses, fixing the damage, updating antivirus programs, patching Windows and lost productivity from all of these costs businesses billions of dollars worldwide, Somehow, though, these expenses are never included by Microsoft in their "low TCO" (Total Cost of Ownership) calculations. On the other hand, these billions are a small fraction of the damage that could have been done, and of the potential for future damage.

The small extent of damage to date stems from the good will and/or incompetence of worm writers. For instance, whoever launched the Klez.H worm deliberately disarmed it's destructive potential before release or it could have cost orders of magnitude more. Whoever launched the Magistr worm included so many warning annoyances I've seen only one case where it was left to go to its destructive conclusion.

Many security experts are convinced what we have been seeing is mostly "proof of concept" runs and development tests - the real attacks are yet to come (A16). While some attacks still appear to be random acts by antisocial nerds, many show troubling evidence they are being devloped to cary some sort of payload or do specific covert tasks.

The SoBig series are quite evidently experiments in creating a distributed spam network to flood the Internet with unsolicited commercial email. Each iteration has been more sophisticated and more complete than the one before. There has been a marked increase in cross polination of ideas among worm writers, spammers and perpetrators of commercial scumware (A18).

The saving grace for Blaster and SoBig.F has been gross miscalculation by the worm writers. Both misjudeged how fast they would propagate, so both were timed to do their dirty work a week after launch when it should have been timed for about 2 days. Blaster was also configured to attack the wrong Microsoft site, so it was easily deflected.

The long trigger time allowed security firms to come up with effective countermeasures and antivirus publishers to update their products. Blaster was successfully deflected and the servers SoBig.F was to download trojan code from were effectively blocked. You can be sure worm writers will learn from these mistakes and not repeat them.

The Slammer Worm was completely unarmed, all it did was spread (A10). It didn't even permanently infect the machines, all you had to do was shut down and restart. As it was it slowed the Internet down to a crawl and shut it down completely in Korea, shut down many ATM machines, airline reservation services, the safty monitoring system for a nuclear reactor (A12), and other important systems. Suppose it had carried a destructive payload timed to go off in a couple of hours, what then? Will the next one?

The Blaster worm shut down CTX, the largest railroad system in the Eastern U.S., for hours, crippled the new Navy/Marine Corps intranet (A13), shut down Air Canada's check-in system, closed Maryland's Department of Motor Vehicles for a day, and has been implicated in the severety of the Northeast blackout (A15). Suppose instead of launching a silly misdirected denial of service attack, it had formatted hard disks. The State Departments anti terrorist database was shut down for hours worldwide by a worm on 23-Sep-03 (A30). Suppose it had been a destructive worm? How safe do you feel?
(Top)

How Can I Protect Myself?

The solution is glaringly obvious, but since you're convinced you can only run your business on Windows software, you have no choice but to apply Band-Aids.

Despite your best efforts you will likely be seriously infected sooner or later. It takes a couple of days for antivirus companies to analyze a new threat, invent countermeasures and get them downloaded to your computers (A23). During those days you are fully exposed. The Slammer worm infected nearly every vulnerable machine in the world (about 170,000) in 10 minutes (A9).

Securing your business takes time, money and vigilance - there's no "magic bullet" that does it all. You are exposed and your opponent is invisible - only a few bozos and script kiddies ever get caught (A19). Here are measures we recommend.

  • Antivirus Subscription - with both program and virus definitions checked for updates from the publisher daily. If the Internet or email are much used, the antivirus should be set for "dynamic" protection with the antivirus always running. This can severely impact performance in some cases, forcing a choice between security and usability.
  • We use Command Antivirus ($24/year) for reasons of convenience. A free (for noncommercial use) antivirus (AVG) is available from GRISoft, and of course there are the "big names" everyone knows, like Norton and McAfee.

  • Firewall - between your business network and the Internet. Firewalls can stop some worm attacks, such as Blaster or Slammer, but many email and HTML (Web) based worms, viruses and trojans will go right through because they look like legitimate traffic. Firewalls are most effective at preventing access by hackers and industrial spies.

    Simple firewalls (Linksys and DLink DSL/Cable routers for instance) will not stop outgoing traffic such as a trojan program might use. In these cases, a "personal firewall" like ZoneAlarm can be used, but those can be subject to attack from within.

    Companies with effective firewalls were still blasted by Blaster when employees came to work and plugged their notebooks into the business network. Many had been fully exposed and infected while away from the office and gave Blaster direct access to the network from behind the firewall.

    Microsoft itself was fully penetrated through a manager's home computer because it was not sufficiently protected. Since he had access through the firewall, so did the hackers who controlled his computer.

    If your business is substantial, and especially if it is multi-site or allows access from outside, good security practices must be followed that much more carefully because the risks are much greater. Here's an excellent article for managers Fire your IT director now. Take it to heart.

  • Monitor Microsoft's Patch Notices - Download and install all security patches for the Microsoft products you use. Microsoft issues continuous bulletins about their latest vulnerabilities and the patches for them. You need to watch their site so you know what's coming and have a chance to fix it before the next worm blind-sides you. Of course, there have been exploits that appeared before the vulnerability was announced (the Army was recently hit by one), but they are rare.
  • Scumware Protection - We are seeing many machines made slow and unstable by advertising and spyware programs which are not detected by antivirus programs. These are picked up "voluntarily" while browsing the Internet, and can be removed by programs like Lava Software's Adaware or Spybot Search & Destroy. Some scumware, when removed, destroys network access. In those cases a tech will have to remove and reinstall TCP/IP.
  • Alternate eMail - We strongly recommend using a mailreader other than Outlook or Outlook Express. Outlook has been described as "a powerful virus distribution tool that also happens to read mail". Practically every fast spreading worm takes advantage of Outlook and uses the Outlook address list to email itself out.

    Alternate email programs are less much likely to get you infected (though it's still going to happen if you click on infected attachments), and if you do get infected, you aren't going to be sending the worm (and possibly sensitive documents) to all your customers and business associates. We have one client who doesn't use Outlook anymore, since the SirCam worm sent his customer list to his competitors.

    The eMail reader we prefer is PMMail, which is particularly good at handling multiple accounts, easily, logically and without confusion, something far beyond Outlook's capabilities. Note the 5-star review ratings listed on their site.

  • Alternate Web Browser - Internet Explorer has been vulnerable to a number of attacks, and is so deeply integrated into Windows there is nothing to stop them from taking over your computer. Your computer can become infected with trojans simply be visiting a Web site that has itself become infected (A25). Mozilla is a more advanced browser than Internet Explorer anyway, providing pop-up suppression and tabbed browsing. Opera is another good alternative. You may encounter badly designed sites for which only Internet Explorer works, but minimizing its use will minimize your exposure.

Here we sometimes get hundreds of virus infected emails a day, but we run OS/2 so we just ignore them. There is simply nothing a Windows worm can do to our computers.
(Top)

Glossary

  • Arbitrary Code - This term is used in many Microsoft security bulletins. It means "any code the perpetrator cares to run". It's a less obvious way to say the perpetrator can have his way with your computer and have his way of having it.
  • Black Hat - A person skilled in penetrating and compromising computer systems who uses his skills for evil.
  • Buffer Overflow - A favorite avenue for attack on computer systems. The target system is waiting for a response, but doesn't check the size of the response. The attacking system sends a response that is way too large and contains attack code. Upon receiving the response, the attacked system attempts to continue, but the address of it's next command has been overwritten by an address for the attack code, so it executes the attack code instead.
    Some operating systems don't allow buffer overflows. This feature has recently been implemented for Unix, so it should soon find its way into Linux, but for Windows it's up to programmers to check for overflow.
  • Distributed Denial of Service (DDoS) - a coordinated attack by a number of computers with the objective of flooding a target server with so many bogus requests it can't respond to real requests.
  • EULA - End User License Agreement. The document you "signed" by running Microsoft software. It states that Microsoft does not warrant their software to be useful for any purpose whatever, and that they accept no liability for any economic loss you may suffer from its defects, but that you'd better pay your money and adhere to every letter of the EULA or you are in big trouble. You should read it some time.
  • Firewall - A firewall is a special software program that examines network traffic and compares it to a table of rules to determine if it should let the traffic through or not. This software may run in a specialized computer "appliance", itself called a firewall.
    Firewalls can be very simple, like the Linksys and DLink DSL/Cable routers, or they can be complex $15,000 devices depending on the complexity of your needs.
  • Hacker - According to an aging elite, a hacker is a person with uncommon knowledge of the internal workings of computer systems, and would never use that knowledge for evil. According to everyone else, a hacker is a guy that breaks into computer systems and/or writes worms and viruses. The elite call this person a "cracker" and complain incessantly about misuse of the term "hacker". This is one of the more quaint lost causes.
  • Root Kit - a suite of programs that, once installed on a computer, give their perpetrator unlimited administrative access to that machine. A root kit so compromises the system it generally cannot be detected. Root kits for Windows have recently been discovered, mainly due to programming mistakes that made their concealment imperfect.
  • Script Kiddie - A wannabe hacker of the lowest rank. The kiddie has no real expertise but downloads predigested "kits" from rogue Web sites that allow him to write viruses, break into systems or launch trojans. Lack of any significant skills limits the script kiddie to attacking Windows systems.
  • Scumware (Adware & Spyware) - software designed pop up advertising, hijack Web browsers or monitor Web browsing activities and report them to marketing information companies. These use concealment methods similar to those used by worms. Antivirus programs don't remove this because you "accepted it voluntarily", whether you realize you did or not.
  • Spam - Unsolicited Commercial Email - the trash that floods your email box with ads for bogus products, porn sites and get rich quick schemes. Spammers are scum, the lowest scum of the Internet.
  • Trojan - a program that, once installed on a computer, opens a "back door" allowing access to the computer by an unauthorized person. Trojans may be delivered and installed by viruses or worms. Typically, they "phone home" to let their perpetrator know they are active and what their IP address is, then wait for orders. Aside from allowing access to your data, the purpose of a Trojan may be to launch a DDoS (Distributed Denial of Service) attack or to act as a spam relay to make spam recipients think it was sent by you.
  • Virus - a program that propagates itself from one computer to another. It may or may not do damage to the computer either deliberately or by poor design. Unlike a worm, a virus can only install itself through some action by the computer user.
  • White Hat - A person skilled in penetrating and compromising computer systems who uses his skills only for good - to help system owners protect themselves from Black Hats. Commonly, the White Hat is a "reformed" Black Hat who's set himself up as a computer security business, sometimes following release from a "correctional facility".
  • Worm - a program similar to a virus in that it propagates itself from one computer to another, but different in that it can accomplish this without user action. As with a virus, it may or may not do damage to a computer depending on design.
  • Zombie - a computer that has been compromised by a trojan for use as in launching DDoS (Distributed Denial of Service) attacks, hosting porn, or other such tasks by command from a remote computer. The owner of the zombie is seldom aware of it's status as such.
(Top)

- Andrew Grygus

Additional Reading

  • A1 Akamai - CRN - Microsoft Uses Linux To Publish Its Own Web Site
  • A2 Windows Flawed - Washington Post - Microsoft Windows: Insecure by Design
  • A3 W32/SoBig.F - The Register - Sobig-F timed for Trojan download tonight?
  • A4 Arrested for Kiddie Porn - Milwaukee Journal Sentinel - 'Trojan horse' led to false porn charges
  • A5 W32/Blaster - eWeek - Blaster Worm on the Move
  • A6 Voyager Alpha Force - eWeek - SQL Server Worm on the Loose
  • A7 Three More Windows Patches - The Register - MS releases unholy trinity of security fixes
  • A8 Slapper worm - CNet News.com - Linux worm creating P2P attack network
  • A9 Slammer Worm - UC Berkeley - The Spread of the Sapphire/Slammer Worm
  • A10 Slammer Worm - Wired - Slammed!
  • A11 Worm Fatigue - Computerworld - Users: We can't take much more worm turmoil
  • A12 Nuclear Reactor - Security Focus - Slammer worm crashed Ohio nuke plant network
  • A13 Navy Intranet - Computerworld - Update: Navy says intranet hit by worm but still functioning
  • A14 Admins Exhausted - Computerworld - Users: We can't take much more worm turmoil
  • A15 Northeast Blackout - Computerworld - Blaster worm linked to severity of blackout
  • A16 Real attacks yet to come - eWeek - What's Worming Our Way
  • A17 Patching Doesn't Work - CSO Magazine - PATCH AND PRAY
  • A18 Spyware - Javacool Software - SPYWARE ALERT: RapidBlaster
  • A19 Law Enforcement - The Register - Parsons not dumbest virus writer ever, shock!
  • A20 New Office Flaw - Computerworld - Microsoft warns about new software flaw in Office suite
  • A21 New Office Flaw - Microsoft - What You Should Know About Microsoft Security Bulletin MS03-03
  • A22 6 New Flaws - The Inquirer - Slew of Microsoft security bugs announced
  • A23 Antivirus doesn't protect - The Register - The trouble with anti-virus
  • A24 IE Patches ineffective - The Inquirer - Internet Explorer security fixes don't work properly
  • A25 ISP Compromised - Compuerworld - Security breach at Web host leaves sites at risk
  • A26 Firewall Management - The Inquirer - Fire your IT director now
  • A27 More Critical Flaws - CNet News.com - Windows flaws allow PC takeover
  • A28 Blaster Patch Leaks - The Register - MS amends anti-Blaster fix
  • A29 Exploits in 6 days - InfoWorld - Hackers find way to exploit latest Microsoft hole
  • A30 State Department Virus - Computer World - State Department visa system disrupted by virus
  • A31 Backing Out Patches - ZDNet - A lesson in logic
  • A32 IE Patch not effective - The Register - Trojan hijacks web browsers
  • A33 Viruses - Security Focus - Linux vs. Windows Viruses
  • A34 Viruses rebuttal - Virus Buletin - Linux vs. Windows viruses: a rebuttal
  • A35 5 more patches - Computerworld - Microsoft issues patches for five software flaws
  • A36 Patch for Patch for Patch for Flaw - The Inquirer - Things that are injurious to your computer's health right now
  • A37 Bounty Posted - eWeek - Microsoft Puts Bounty on Virus Writers
(Top)

©Andrew Grygus - Automation Access - www.aaxnet.com - aax@aaxnet.com
Velocity Networks: Network Consulting Service - Internet Service Provider - Web Page Design and Hosting
All trademarks and trade names are recognized as property of their respective owners