September 29th, 2003 10:33 PM
To fix software flaws, Microsoft invites attack
Microsoft's Security Response Center in Redmond, Wash., is the computing equivalent of a hospital emergency ward.
When a problem comes in the door the center's director, Kevin Kean, and his staff must swiftly make an assessment: Is the security weakness detected in a Microsoft software product only minor? Or is it possibly so serious that, if exploited by a vandal's malicious code (as happened last month with the Blaster worm) it might crash computers and networks around the world?
If the threat appears grave, the problem goes immediately into the center's emergency operating room, where it is attended to by a team of Microsoft engineers, working nearly round-the-clock to analyze the flawed code, anticipate paths of attack, devise a software patch to fix the defect and alert millions of customers of the problem and the patch.
"It's triage and emergency response--so it's a lot like an E.R. ward in that sense," Kean observed last week.
The race to protect the computing patient has begun again.
On Sept. 10, after Kean's team completed another E.R. mission, Microsoft issued an emergency warning of a critical vulnerability in its Windows operating systems and released a patch--its 39th so far this year. What particularly worries computer professionals about the warning is that the security hole in Windows is the same kind of flaw, in the same feature of the operating system, that was exploited in August by the notorious Blaster worm.
Those who monitor Internet crises know that once Microsoft raises the alarm and releases a patch, a curious race begins. Digital vandals--those who write worms, viruses and other rogue programs--eagerly download the patch and reverse-engineer, taking it apart to search for clues on how to exploit the very Microsoft security hole the patch was meant to cover.
Some portion of Microsoft customers, from corporations to home PC users, takes the time to download the patch, but most do not. Meanwhile, there is a scramble to write malicious code and spread it across the Internet.
The Blaster worm was sighted on the Internet 25 days after Microsoft warned of that security hole. The company issued the latest warning 19 days ago. So if recent history is a guide, Blaster 2 may be coming soon to a computer near you.
The brand-name worms and viruses of the last couple of years--Blaster, Sobig, Slammer, Code Red, Nimda, Love Bug and others--are simply the most virulent representatives of an alarming surge in attacks by malicious programmers.
The CERT Coordination Center at Carnegie Mellon University, which monitors rogue computer programs, reported 76,404 attack incidents in the first half of this year, approaching the total of 82,094 for all of last year. And the 2002 incident count was nearly four times the total in 2000. If anything, the CERT statistics may understate the problem, because the organization counts all related attacks as a single incident. A worm or virus like Blaster or Sobig, a self-replicating program that can infect millions of computers, is but one event.
The security flaws Kean's team is scrambling to catch and patch are part of the larger problem with software today. The programs that people rely on for all manner of tasks--from writing reports and sending e-mail, to monitoring factory floors and managing electric power grids--are becoming increasingly large, complex and, all but inevitably, filled with bugs. The problem is magnified by the fact that most computers are now linked to the Internet, enabling programs to travel around the globe and mingle with other programs in unforeseen ways.
AntiOnline Quick Forum Version 2b Click Here
September 29th, 2003 10:54 PM
September 30th, 2003 04:54 AM
Hmmm ... Interesting article. Thanks for the post. However, I would caution you about posting the whole thing, then providing the link:
Entire contents, Copyright © 2003 The New York Times. All rights reserved.
They might not appreciate the sentiment, like we do.
September 30th, 2003 05:00 AM
New York Times business section... i read it this morning
by the way is it a legitimate way of racking up positive point on AO just by cutting and pasting articles... i'm not accusing anyone of anything but seriously .. is that like a good thing
i\'m the guy who bitched out a girl about writting poems in General Chat... Now everyone thinks I hate women and that I\'m gay ... live and learn ... hehe
September 30th, 2003 07:10 AM
wow M$ just disgusts me, since i just recently purchased my new pc its had 4 me to justify a new one so my next comp whenever that may be will be an apple