Web Worm Mars Microsoft Security Push
Reed Stevenson
SEATTLE (Reuters) -
The computer worm that exploited a flaw
in Microsoft Corp.'s database software to cripple global
networks turned out to be an unwelcome if unintended
anniversary for the No. 1 software maker's effort to make its
programs more secure.
Microsoft said the damage caused by the "SQL Slammer" worm
over the weekend, which targeted the company's corporate
database program of the same name, showed it was on the right
track with its "Trustworthy Computing" initiative, launched a
year and one week earlier by Chairman and founder Bill Gates.
But critics, who noted that some of Microsoft's own
computers were crashed by the Slammer worm, said the incident
demonstrated that Microsoft's tighter chain of security was
only as good as its weakest link: the thousands of harried
network administrators charged with updating Microsoft's
systems.
Saturday's attack on the Internet, the most damaging in 18
months, clogged the pipelines of the global Internet. Web
access was nearly shut down in South Korea, which bore the
brunt of the slowdown.
"We still have a lot more to do, but it (the worm attack)
shows how important the Trustworthy Computing initiative is,"
Scott Charney, Microsoft's Chief Security Strategist, told
Reuters on Monday.
Charney said the main goal for Microsoft in the wake of the
attack was to make sure customers were aware that a patch for
the security hole in SQL, which had been available since last
summer, could be downloaded and installed to prevent the worm
or some variant from flaring up again.
"The single largest message is: keep your system up to date
with patches," Charney said.
In response, security experts lashed out at Microsoft,
saying that the software giant still needed to make a greater
effort to plug potential holes in its products.
"I don't buy it," Bruce Schneier, Chief Technology Officer
of network monitoring company Counterpane Internet Security,
said regarding Microsoft's call for system engineers to install
updates to its software.
"That's blaming the victim," Schneier said.
Although the security patch, which addresses a security
hole in SQL, had been available since last July, many system
administrators had failed to implement the fix because such
patches often required extensive testing before installation,
Schneier said.
With numerous patches for all of its products, security
experts said the main objective should be to develop software
that was free of patches or less prone to security flaws, not
to constantly issue fixes and risk attacks from malicious
programs.
While governments were still probing the source of the
worm, which remained a mystery, security experts dismissed the
idea that the worm might have been deliberately timed to
coincide roughly with the first anniversary of Microsoft's
secure computing drive.
BITTER MEDICINE
Microsoft also saw some of its own computers taken down by
the worm, after the malicious program infected SQL servers on
the software giant's own network that had not had the
appropriate patch installed.
Microsoft spokesman Rick Miller said none of Microsoft's
SQL servers connected to the Internet were affected. Instead,
internal SQL servers running on computers used by developers
were infected, causing a slowdown in the Redmond,
Washington-based company's own internal network.
Charney said the greatest challenge for Microsoft was
making sure that information was being passed on to users and
that they learn of critical updates for software.
In response to Saturday's attack, Microsoft said it had
built an installation program to make it easier to implement
the patch, offered top-level support to its customers, offered
a toll free service number (1-866-PCSAFETY in the United
States) and was working with the Computer Emergency Response
Team and other agencies to investigate the attack.
Other security experts said software users would have to
accept the fact that software, whether it be Microsoft's or any
other platform, would remain buggy and nearly impossible to
secure, given the complexity of modern software design.
"In their defense, they provided a patch six months ago,"
said Marc Willebeek-LeMair, Chief Technology Officer of
TippingPoint Technologies Inc., which developed an
"inoculation" that allowed networks to shut out SQL Slammer.
"We all know that when you have millions of lines of code
(the underlying instructions for software programs) there are
going to be bugs," said Willebeek-LeMair.