[KLUG Members] Fwd: your morning, microsoft-related virus news

Mike Morrett members@kalamazoolinux.org
Sat, 25 Jan 2003 12:07:38 -0500 

FYI...

----- Original message -----
From: "Robert P. J. Day" <rpjday@mindspring.com>
To: "redhat mailing list" <redhat-list@redhat.com>
Date: Sat, 25 Jan 2003 11:33:16 -0500 (EST)
Subject: your morning, microsoft-related virus news


---------------------

WASHINGTON (Jan. 25) - Traffic on the Internet slowed dramatically for
hours 
early Saturday, the effects of a fast-spreading, virus-like infection
that 
overwhelmed the world's digital pipelines and broadly interfered with Web 
browsing and delivery of e-mail.

Sites monitoring the health of the Internet reported significant
slowdowns 
globally. Experts said the electronic attack bore remarkable similarities
to 
the ''Code Red'' virus during the summer of 2001 which also ground online 
traffic to a halt.

''It's not debilitating,'' said Howard Schmidt, President Bush's No. 2 
cyber-security adviser. ''Everybody seems to be getting it under
control.'' 
Schmidt said the FBI's National Infrastructure Protection Center and
private 
experts at the CERT Coordination Center were monitoring the attack and 
offering technical advice to computer administrators on how to protect 
against it.

Most home users did not need to take any protective measures.

The virus-like attack, which began about 12:30 a.m. EST, sought out 
vulnerable computers on the Internet to infect using a known flaw in
popular 
database software from Microsoft Corp., called ''SQL Server 2000.'' But
the 
attacking software code was scanning for victim computers so randomly and
so 
aggressively - sending out thousands of probes each second - that it 
saturated many Internet data pipelines.

...

The attack sought to exploit a software flaw discovered by researchers in 
July 2002 that permits hackers to seize control of corporate database 
servers. Microsoft deemed the problem ''critical'' and offered a free 
repairing patch, but it was impossible to know how many computer 
administrators applied the fix.

''People need to do a better job about fixing vulnerabilities,'' Schmidt 
said.

...

-----------------------

  Some of you might remember that, before taking the position of
cyber-security czar, Schmidt was chief security officer for Microsoft,
which undoubtedly explains his penchant for blaming the user, not
the source.

rday
  



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

--
No cream, no sugar, and death before decaf!