Windows RPC exploit spawns bots and worms Miscreants are taking advantage of slowness in patching systems with an emergency Windows security fix issued late last month to spread malware. Exploit toolkits for the MS08-067 are dropping bots that turn compromised machines into drones in a DDoS attack network, among other attacks. The attack code, thought to originate in …
The latest worm attacks are distinct from the earlier Trojan attacks, and low level, because they are not designed to cause widespread infection and system instability, only high key kernel takeover and makeover. IT playing IT long .... for Universal Command and Control of CyberSpace.
It is hardly anything to fear, unless you are up to no Good.
That user idiocy is the root of almost all exploits. At least 90% of them rely on you downloading and running a dodgy program yourself, the other 9.999% rely on you going to a dodgy website and clicking on something.
The fraction of a percent left are these really nasty ones that actually are a problem, the worms that rely on no user interaction to take over your system. All systems have these exploits, but unfortunately most of the exploits out there take advantage of the idiot sat in front of the computer, rather than the computer itself
The name of the authors girlfriend if I remember correctly (which I do). How sweet, releasing a virus to millions of people professing your love to your girlfriend. Whatever happened to a bunch of roses? :-)
It doesn't look like this new sploit is gaping quite so wide though, automatic updates and firewalls are all the rage now. If anything blaster/lovesan did the world a security favour, the guy should get a medal.
"And almost coherent with that." ... By Pascal Monett Posted Tuesday 4th November 2008 14:20 GMT
Thanks, Pascal, that tells me everything I need to know about your Future Understanding. And perhaps you could share with us the bit which prevented full coherence.
And there's a lot more going on in CyberSpace, than any who would think themselves capable of Controlling IT, will presently admit ..... which paradoxically puts them at a distinct disadvantage with its secrecy.
First of all, it's the users' fault for not keeping their system patched. Having said that, can you blame the user? It seems all too often that the official patches end up breaking something else. And let's be honest -- how many consumers (or even small-to-medium businesses) have spare systems with which they can test the patch to make sure it doesn't cause problems? Not to mention that's somewhat useless unless your spare system is an exact duplicate of your production system.
But yes, first and foremost, it's the users' fault. Within the past month, I've had to remove Antivirus 2009 five times (today being the latest). I did a Google search for "Antivirus 2009" to try to get a feel of how prevalent it is (it's very rare that I got a call for the same infection more than once), and one of the blogs it brought up was full of people admitting that they had voluntarily and purposely purchased the software (many of them claiming it was because they didn't want to lose their data). They then proceeded to complain about the software and how the FBI should be going after the authors. Whatever your take on that, you have to admit that these were pretty stupid users. To see a "warning" on your system from a piece of software you've never seen before and did not install yourself, and to then believe what it said and actually purchase whatever they're punting. These are the same type of people who keep the spam alive by falling into the trap of clicking on links and buying whatever is being thrown at them. Not to put too fine a point on it, but these people are too stupid to own a computer.
Having said that, this is also Microsoft's fault. And no, I'm not even remotely hinting that it's just Microsoft or that any other OS is any better. I'm sure they all have their flaws. The point is that Windows XP is now seven years old. With their resources (read: profits), it would be easy for Microsoft to audit every single line of code looking for problems, at least the common ones -- buffer overflows, lack of data validation, etc. And there's nothing preventing them from auditing new code once it's written (before the product is released). But why do that when the world can be your beta testers? I'm not saying it's feasible to have any kind of guarantee against problems (or even that doing so would be a good idea), but surely they can take steps to make sure their products are not as susceptible to exploits as Windows has been.
In the end, there's plenty of blame to go around. But when you're dealing with a company the size of Microsoft, who can easily audit their code before it's released, and when you're dealing with software that costs half as much as the computer hardware it's running on, it's not unreasonable to expect a little more in terms of security and stability.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
