digg

Facebook Connect Join Digg About
See the original image at pcworld.com

Microsoft Warns of Worm Attack on Windows

pcworld.com Security researchers at Microsoft Corp. last week warned of a significant climb in exploits of a Windows bug it patched with an emergency fix last month, confirming earlier reports by Symantec Corp.

Who dugg this? Made popular Nov 30, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

74 Comments

show profanity settings
expand all
  • Dumbledorito, on 11/30/2008, -0/+44Friends don't let friends use Symantic.

    Nod32 or AVG.
  • Ramzy, on 11/30/2008, -5/+41I'm not afraid. Norton Internet Security 2001 will keep me safe.
  • SSPink, on 11/30/2008, -0/+18or avast!
  • Junior612, on 11/30/2008, -0/+16New anti virus technique - everyone revert to QDOS!
  • stutimandal, on 11/30/2008, -5/+16Except for the genuine validation advantage once in a while, I think Windows Updates are pretty good. They work seamlessly and the server on Microsoft's side has never been down for me so far. It even caches the installation files, just in case if you got disconnected. They also provide a reason to start afresh with a "restart now."
  • Nimda11, on 11/30/2008, -0/+11If you are using free AV (why wouldn't you?!), Avast is the only way to fly. Light, effective, and unlike AVG protects against root kits.
  • Daimwn, on 11/30/2008, -11/+21Well if they opted out of the automatic updates by default they deserve worms. And please no OS comparisons. People evolve to be better which includes the products they make. From the OS to the worm. As long as everyone works together everything will get better.
  • HHP2K, on 11/30/2008, -2/+11I'm using Windows 98 so I'm REALLY safe
  • benologist, on 11/30/2008, -2/+10If you downloaded the freely available update they released 5 weeks ago the problem isn't there now.

    "Microsoft patched the bug in an out-of-cycle update five weeks ago after it discovered a small number of infected PCs, most of them in Southeast Asia ."
  • Fryth, on 11/30/2008, -2/+10Programmers make mistakes. This is really a question of how well the update system works, how Windows is configured to update out of the box (for users who don't -- and shouldn't be asked to -- know about this stuff), and how walled-in environments like corporate networks respond to this stuff.

    Bugs are going to happen, so the world has to know how to respond. Sounding the alarm until as many news organizations pick up on it as possible is not the best long-run strategy, imho.
  • sirbeta, on 11/30/2008, -1/+8Right, because no other operating systems contain security holes? Realistically speaking, do you think just installing Linux and never updating it keeps you protected forever? These things are constantly patched in other operating systems too.

    If people aren't keeping up to date with their security patches in Windows, they're going to get ***** eventually.
  • ZippyV, on 11/30/2008, -0/+7You had 5 weeks to test the patch.
  • SlapSticDotCom, on 11/30/2008, -2/+8Ah Norton... ruining LAN parties since your creation...
  • Krumm, on 11/30/2008, -0/+6AVG have been fumbling the ball a lot lately - false positives removing user files - Nod32 seems to be the winner.

    It would be nice to see a bit more competition at the high end to keep them on their toes, maybe Avast could redesign their UI and trim resource usage but keep the detection rates and they would be a good competitor.
  • blackmesa, on 11/30/2008, -2/+7It's worth buying some network hardware with NAT (and an SPI firewall), such as a common gateway router; for less than $100 you can protect yourself against practically everything (except your own mistakes). I ran an unpatched windows 98 machine as my primary computer for the last 6 months or so and never got one infection (I scanned the partition when I was virus hunting within a different OS on the disk a few weeks back).

    I did a fair amount of internet browsing and downloading. As long as you use common sense (stay away from those .ws and .ru domains, use a patched up browser, have the right firefox plugins, etc), you're practically 'bulletproof'.

    I'm using XP now (SP1), and it's just as healthy as the Win98 one was. I know that without my router, I'd probably be infected with quite a few things by now. The logs show constant hits on ports like 135 (blaster worm?), 445 (sasser worm?) and the like: Infected machines doing portscans on random(?) IP ranges.. searching for new victims. The firewall just plays dead and doesn't even report the port is closed to the attacker/zombie, instead pretending that nobody's home. Pretty much any modern router will do this.

    As long as I'm not stupid to infect myself (i.e. downloading a trojan), things should be fine.
  • palehorse864, on 11/30/2008, -2/+7Well if you remove your firewall you have only yourself to blame.
  • Dumbledorito, on 11/30/2008, -5/+10Right. It just makes so little sense that hackers would shoot for the largest target...
  • disgruntled, on 11/30/2008, -0/+4A really stern look in the general direction of the internet is more effective protection than Symantec.
  • LMN8R, on 11/30/2008, -2/+6Because we're too stupid to install updates released ~5 weeks ago?
  • depro9, on 11/30/2008, -2/+5I run Linux HAHA!
  • Denominator88, on 11/30/2008, -0/+3When AVG scans it takes up too much CPU power. Avast is the only way to go.
  • tnoy, on 11/30/2008, -1/+4I'm not afraid either, I've been patched for over a month now.
  • Myztry, on 11/30/2008, -0/+2if locale = ukaraine
    then be nice
    else be nasty

  • Resolution, on 11/30/2008, -0/+2Our healthcare organization was stricken with this worm this week and we are still fixing infected machines. Make sure your Windows machines have the patch Microsoft recently released.
  • Myztry, on 11/30/2008, -0/+2The Amiga had some brilliant viruses. Every library function (ie. the whole OS) was able to be intercepted. None of this simple interrupt vector TSR stuff.
    My personal favourite was the Saddam Hussein virus (he was hated even back in the 80's)
    The virus payload was in the disk-validator (think chkdsk) program which auto-started on a corrupt disc. The virus intercepted the sector red/write functions and encrypted/decrypted file by sector. The file-system would continue to work flawlessly.
    The trick was, to uninfected systems the disc would appear corrupted - starting the validator and infecting the machine, yet make the disc readable. If you removed the virus, the disc would remain encrypted and be unusable.
    The Amiga was brilliant in nearly every respect, but was absolutely insecure. Being the first domestic multitasking GUI machine had it's problem. Everything ran at once, and that is an issue that is still being worked out to this very day.
  • svivian, on 11/30/2008, -1/+3Whenever I hear something like this, it always remind me of: http://xkcd.com/272/
  • sudowrestler, on 11/30/2008, -0/+2They figured it out from the worm's code.
  • Zeigy, on 11/30/2008, -0/+2The worm avoids infecting Ukrainian computers. How did they figure that out? Has the worm been to every other country? What about the tiny island nation of Tuvalu in the middle of the Pacific or Nauru the smallest least populous nation? There are 241 countries.
  • draculthemad, on 11/30/2008, -0/+2On the chance you are being serious:

    I imagine it checks the local character set or something of that nature.
    Since its a worm, they can dissect/disassemble it to see how it works.
  • Kelmon, on 11/30/2008, -1/+3Automatic updates are fine for the single user but a big no-no in a business running mission-critical applications. In those situations the fixes need to be tested internally before being pushed out to desktop users and coordinating outages on servers, just in case they break something, and that takes time.

    This particular flaw seemed to have our IT organisation pretty worried.
  • colonelxc, on 11/30/2008, -0/+1Why do you like outdated OS's so much?
  • isaiasv, on 12/01/2008, -1/+2Nod32 > *
  • inactive, on 11/30/2008, -0/+1Longtime Nod fan here - recently switched to Avira AntVir. Nag screens ya, but nothing crazy and you know, its really clean and light on Vista. Totally free with all updates and no time lock seals it for me. And ya I really want to show some love for ClamWin but it's just not very mature yet.
  • inactive, on 11/30/2008, -0/+1Most poignant comment I've seen all day actually. This stuff all comes down to the user. Sometimes getting infected and learning the hard way is the best prevention in the future.
  • blackmesa, on 12/02/2008, -0/+1I don't, but sometimes you don't have a choice (crappy hardware).

    However, boot up windows 95 and tell me you don't smile with happy nostalgia at the startup sound! Also, I didn't have to mess around with dosbox to get my old games working! Finally I could play "Blood" with the sound working!
  • DontGiveADamn, on 11/30/2008, -0/+1You mean my xuk.ru isn't safe?
  • prashant90, on 12/01/2008, -0/+1Did you say Macgain?
  • inactive, on 11/30/2008, -1/+2There's a gremlin destroying the plane. You gotta believe me!
  • blacktriangle, on 11/30/2008, -0/+1Just dont forget to use Port Forwarding for your p2p appz.
  • kurough, on 11/30/2008, -1/+2nvm

    KB958644
  • motters, on 11/30/2008, -0/+1Windows can has antivirus ?

    http://lolcat.com/pics/pcservereatindata.jpg
  • kevlar21, on 11/30/2008, -2/+3For a moment I thought this was an Onion headline.
  • Rememberthe0511, on 11/30/2008, -2/+3That's because they give you updates some time before it's urgent. And because they love to only keep your software up to date.
    Like it blew my mind last time I logged into windows and I came to the understanding that software like VLC was not up to date, and if I wanted to make it up to date I would have to go google their website, find their download, download it and install it. That these things wouldn't just be taken care of for me right away.
  • svivian, on 11/30/2008, -0/+1*195
  • Zippo, on 11/30/2008, -1/+1Let's face it... Windows will never be secure. It's -full- of holes.
  • serverdragon, on 12/11/2008, -0/+0People who get worms and viruses are usually downloading porn or music anyway so they deserve them i have not had one infection on my computer in over 3 years
  • gharibyan00, on 02/28/2009, -0/+0It's not so afraid i usualy clean my comp, with HKP.
    http://www.historykillerpro.com
  • AppleMacStud, on 11/30/2008, -1/+1LOL. I'm sorry, and why do I use a Mac again? ^__^
  • Ronin123, on 03/14/2009, -0/+0Not when you yet infected by your Internet Security product. Mine is Nortons Internet Security 2009. If you have things detected and they are suppossed to to "ask me" with a pop up and there is no pop up. The product "allows" by itself to let it in. Real cute
  • Fetching more discussions...
    Show 51 - 78 of 78 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.