Microsoft admits new Windows problems

Jim · 09-10-2003, 03:20 PM

- - - - - - - - - - -
By Ted Bridis

Sept. 10, 2003 | WASHINGTON (AP) --

Just moments before a top Microsoft executive told Congress about efforts to improve security, the company warned customers Wednesday of serious new flaws that leave its flagship Windows software vulnerable to Internet attacks remarkably similar to the Blaster virus that infected hundreds of millions of computers last month.

Microsoft urged customers to immediately apply a free repairing patch from its Web site, www.microsoft.com. It cautioned that hackers could seize complete control over a victim's computer by attacking these flaws, which affects Windows technology that allows computers to communicate with others across a network.

Outside experts said the new flaws were nearly identical to problems that were exploited by the so-called Blaster infection, which spread last month with devastating damage. Computer users who applied an earlier patch in July to protect themselves still must install the new patch from Microsoft.

''They're as close as you can be without being the same," said Marc Maiffret, an executive at eEye Digital Security Inc. of Aliso Viejo, Calif., one of three research groups credited with discovering the new problems. ''It's definitely a big oversight on Microsoft's part that they missed these."

The embarrassing disclosure by Microsoft came just moments before its senior security strategist, Phil Reitinger, told lawmakers on the House Government Reform technology subcommittee about the company's efforts to help consumers defend themselves against viruses and other Internet attacks.

''Microsoft is committed to continuing to strengthen our software to make it less vulnerable to attack," said Reitinger, a former deputy chief in the Justice Department's cybercrime division. Still, he acknowledged, ''There is no such thing as completely secure software."

The July announcement from Microsoft about the earlier software flaw in the same Windows technology was deemed so serious it prompted separate warnings from the FBI and Department of Homeland Security. Roughly three weeks later, unidentified hackers unleashed the earliest version of the Blaster infection.

http://www.salon.com/tech/wire/2003/...ows/index.html

...

...

mattblan · 09-10-2003, 04:19 PM

It's sad to think that 1/3 of the internet will not apply these patches until it is too late.

krstofer · 09-10-2003, 08:42 PM

Yeah there's a suprise.

http://krstofer.org

09-10-2003, 03:20 PM	#1
Jim Administrator Join Date: Jan 2002 Location: NJ Shore Posts: 7,195	Microsoft admits new Windows problems - - - - - - - - - - - By Ted Bridis Sept. 10, 2003 \| WASHINGTON (AP) -- Just moments before a top Microsoft executive told Congress about efforts to improve security, the company warned customers Wednesday of serious new flaws that leave its flagship Windows software vulnerable to Internet attacks remarkably similar to the Blaster virus that infected hundreds of millions of computers last month. Microsoft urged customers to immediately apply a free repairing patch from its Web site, www.microsoft.com. It cautioned that hackers could seize complete control over a victim's computer by attacking these flaws, which affects Windows technology that allows computers to communicate with others across a network. Outside experts said the new flaws were nearly identical to problems that were exploited by the so-called Blaster infection, which spread last month with devastating damage. Computer users who applied an earlier patch in July to protect themselves still must install the new patch from Microsoft. ''They're as close as you can be without being the same," said Marc Maiffret, an executive at eEye Digital Security Inc. of Aliso Viejo, Calif., one of three research groups credited with discovering the new problems. ''It's definitely a big oversight on Microsoft's part that they missed these." The embarrassing disclosure by Microsoft came just moments before its senior security strategist, Phil Reitinger, told lawmakers on the House Government Reform technology subcommittee about the company's efforts to help consumers defend themselves against viruses and other Internet attacks. ''Microsoft is committed to continuing to strengthen our software to make it less vulnerable to attack," said Reitinger, a former deputy chief in the Justice Department's cybercrime division. Still, he acknowledged, ''There is no such thing as completely secure software." The July announcement from Microsoft about the earlier software flaw in the same Windows technology was deemed so serious it prompted separate warnings from the FBI and Department of Homeland Security. Roughly three weeks later, unidentified hackers unleashed the earliest version of the Blaster infection. http://www.salon.com/tech/wire/2003/...ows/index.html ... ...

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

09-10-2003, 04:19 PM	#2
mattblan Senior Member Join Date: Oct 2001 Location: N. California Posts: 1,148	It's sad to think that 1/3 of the internet will not apply these patches until it is too late.

09-10-2003, 08:42 PM	#3
krstofer Senior Member Join Date: Apr 2002 Location: Corvallis, Oregon Posts: 277	Yeah there's a suprise. http://krstofer.org