Patch Early, Patch Often, or else…
A worm targeting Windows users was spreading rapidly around the world Tuesday, triggering computer crashes and slowing Internet connections.
The worm, christened Blaster but also known as LoveSan or MSBlaster, carried a message for Microsoft’s chairman: “Billy Gates why do you make this possible? Stop making money and fix your software!!”
Blaster, which zeroes in on the Windows 2000 and Windows XP operating systems, has been timed to attack a Microsoft security website distributing the patch needed to stop the worm in its tracks before it hits millions of users.
It specifically targets the latest versions of the Windows software and experts predict home users will be hit hardest. The vast majority of the world’s computers are equipped with one form or another of Windows software.
“I anticipate that Blaster will have its biggest impact on the home-user community as they are more laid back about keeping their antivirus and patches up-to-date and may have insufficient firewalls in place,” said Graham Cluley, a technology consultant at Sophos Anti Virus, a British firm.
Blaster is fairly unusual in that it does not spread specifically by e-mail. It can travel through a normal Internet connection.
Security experts advised computer users to visit Microsoft’s site to download the patch. Blaster’s author has programmed the worm to knock the Microsoft site offline August 16, the experts said.
A host of European and Asian antivirus firms said corporations were reporting having been infected as their systems went online Tuesday.
Following a quick patch job, many corporate systems were back up and running without a hitch. But as the greatest damage was expected to be in the home market, the actual toll of Blaster might be difficult to determine, the experts said.
Once Blaster infects a computer it scans the Internet for other vulnerable machines to attack. In some cases the worm causes the computer to crash, but does not infect it.
“It’s dangerous from the perspective that it can consume a lot of bandwidth,” said Russ Cooper of TruSecure. “Every compromised machine is constantly attacking.”
In January, a worm known as Slammer, which exploited a hole in Microsoft SQL database software, brought automatic teller machines in the United States to a standstill, paralyzed corporate networks worldwide and nearly shut down Web access to South Korea.
Patch/Fix:
