SEATTLE -- Microsoft may write flawed software, but it can take solace in the fact that the author of the Blaster worm also makes mistakes.
And that error may be Microsoft's biggest weapon in fending off part two of the Internet attack that started Friday and is expected to continue into Saturday. The worm, which so far has infected more than 350,000 computers around the world, now aims to bring down Microsoft's website for software patches by flooding it with traffic.
[...]
But there's a flaw. The worm instructed computers to call up http://windowsupdate.com -- which is an incorrect address for reaching the actual Microsoft website that houses the software patch. Although Microsoft long has redirected those who visited that incorrect address to the real site -- http://windowsupdate.microsoft.com -- the company disabled the automatic redirection Thursday in preparation for the onslaught of infected computers.
Microsoft also has added capacity to handle an increase in traffic, said Steve Lipner, director of security engineering strategy at Microsoft.
"We've taken a number of steps which should be pretty effective" at stemming the attack, he said.
Microsoft's real website should still be accessible to users, said Microsoft spokesman Sean Sundwall. However, those who don't know the correct address may be confused and believe that the so-called denial-of-service attack worked. The company is taking other measures to keep its site up and running, Sundwall said, although he declined to give specifics.
"Microsoft has pulled Blaster's teeth," said Lloyd Taylor, vice president of Web performance monitoring firm Keynote Systems, noting that nothing much had happened as midnight passed in Asia. "We do not expect to see any impact on the Internet infrastructure" from the worm's denial-of-service attack, he said.