Malware

Microsoft Yells ‘Fire!’ – Then Bars the Doors

Microsoft rushed out an emergency security patch for its Windows operating system Thursday in the hope of heading off a potentially crippling hack attack to nearly a billion Windows-powered PCs.

Normally, the Redmond, Wash.-based software giant addresses bugs and security flaws through the issue of so-called software “patches” on the second Tuesday of each month.

The fact that Microsoft felt compelled to issue a patch Thursday underscores the seriousness of the security flaw identified in older versions of Windows, though the company’s latest version of the operating system, Vista, is not immune.

The patch was made available at 10 a.m. Pacific time. Microsoft was mum on details concerning the nature of the security flaw and held a live webcast to explain what was behind its issuance of the new patch at 1:30 p.m. Pacific time.

However, Heidi Peterson, a representative from Microsoft’s Portland, Ore.-based public relations firm, Waggener Edstrom, refused to grant the E-Commerce Times access to the live webcast.

‘A Dangerous Security Problem’

According to a blog post by Microsoft spokesperson Christopher Budd, the flaw is considered less dangerous to Windows Vista and Windows Server 2008 users. However, Windows XP and older versions are particularly susceptible to the security flaw.

“It allows an attacker to remotely take over your computer over the Internet,” Rob Helm, director of research at Directions on Microsoft, told the E-Commerce Times. “It’s easily exploitable once one person has done it.”

For example, someone exploiting the flaw could remotely install a hacked version of Windows that could monitor keystrokes and look for credit card information on an unsuspecting user’s PC. That data could then be used for illicit purposes.

According to a blog posted by Washington Post technology blogger Brian Krebs, “the vulnerability stems from a critical, wormable problem in the Windows server message block service, a component of Windows used to provide shared access to files, printers, and other communications over a network.”

Krebs’ information comes from an “unnamed source” who told him, “Redmond has acknowledged that criminals have for the past three weeks been using the vulnerability to conduct targeted attacks. The source said that so far, fewer than 100 targeted attacks leveraging this flaw have been spotted by Microsoft’s security team, but that Microsoft was rushing out this patch because the number of attacks appears to be increasing of late.”

The fact that the security flaw enables attacks over the Internet and affects XP, the most widely used operating system on the planet, makes the flaw a “potentially dangerous security problem,” Directions on Microsoft’s Helm said.

Security Improvements

So, how does this flaw in Windows stack up against past holes in Microsoft’s security?

“I think it’s up there with the most serious ones in the past because it’s so widespread,” Chenxi Wang, an analyst at Forrester Research, told the E-Commerce Times. “There are more than 1 billion Windows installations in the world today — 180 million are Vista, which leaves about 820 million Windows computers that are XP or older.”

That said, Microsoft has made substantial improvements in both the security of its software and its approach to addressing security issues.

“By and large, Microsoft has gotten better, especially in terms of getting the word out and explaining why this is important, at least compared to four or five years ago,” Helm said. “The company used to treat attacks as a PR problem and would downplay them and try to stamp them out. Microsoft today treats it as a security problem.”

Microsoft has a fairly well-established software security practice in-house, Chenxi noted. “They’re doing a lot better than they were even just two years ago.”

2 Comments

  • One of the major impacts of the current Presidential campaign has been to raise my ‘skepticism level’ from ‘Guarded’ to ‘High’ with intermittent spikes to ‘Severe’.

    I personally applaud Microsoft’s far more proactive approach to security issues the last 18-36 months. I know they take a lot of flak for the laundry list of new problems that seem to appear weekly, but you have to recognize they (Windows and Office) are unquestionably an elephant sized target in a jungle mostly populated by squirrels.

    (Ok, before you Macbigots and Linux lovers jump all over a fellow who belongs to both clubs, just consider the number of windows systems in the world vs. the total of all Linux variants. And then consider how many Windows machines are on desktops as opposed to being ensconced in relatively secure data centers. Simple economics dictates that ‘bigger target’ and ‘easy access to tools’ virtually dictates the highest threat activity will target Windows. Even bad guys are lazy and looking for the biggest ‘bang for their buck’.)

    All of which leads my suspicious mind to consider how great it is for Microsoft that this huge new threat targets WinXP, but does not affect Vista. Didn’t I read somewhere that they are working overtime to retire XP?

    And do you remember Vista? The OS Microsoft still wants business to adopt. The Windows OS that has respectable sales numbers only because it is virtually the only Windows OS offered to Consumers.

    While I don’t question the existence or seriousness of this new threat, I can’t help wondering how much input Steve Balmer and the Vista marketing team had into how it was presented to the world???

    Nah! Probably just my suspicious nature at work, but again…….

  • Microsoft did a stand-up job reporting this critical vulnerability. The sub-heading is misleading. In fact, there was such a large response to the webcast, that Microsoft added at least two additional webcasts to accommodate the demand.

    Our enterprise even received a direct call from our account rep underscoring the immediate need for action on this vulnerability in order to prevent a massive worm from gaining momentum.

    Microsoft has come a very long way in implementing security response infrastructure.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels