Microsoft Corp may write flawed software, but it can take solace in the fact that the author of the "blaster" worm also makes mistakes.
And that error may be Microsoft's biggest weapon in fending off part two of the Internet attack that started Friday and is expected to continue into Saturday. The worm, which so far has infected more than 350,000 computers around the world, now aims to bring down Microsoft's Web site for software patches by flooding it with traffic.
The worm was already starting to have an effect in Asia and other parts of the world, said Gordon Johndroe, spokesman for the Department of Homeland Security. He urged home users and small and mid-sized businesses to download the patch.
The virus-like infection, also dubbed "LovSan" or "MSBlast," exploits a flaw in most current versions of Microsoft's Windows operating system for personal computers, laptops and server computers.
Although Microsoft posted a software patch to fix the flaw on July 16, many users failed to download the patch, leaving them vulnerable to the worm, which first started hitting computers around the world on Monday.
The worm caused computers to reboot frequently or disrupted users' Internet browsing. But it also packed a second punch: starting at midnight local time on Aug. 16, infected computers that have not been cleaned of the virus will in effect turn into a legion of zombies instructed to repeatedly call up a Microsoft Web site that houses the software patch. With so much traffic flooding the network, the site could become unreachable and computer users would be unable to access the patch.
Fatal flaw
But there's a flaw. The worm instructed computers to call up http://windowsupdate.com -- which is an incorrect address for reaching the actual Microsoft Web site that houses the software patch. Although Microsoft has long redirected those who visited that incorrect address to the real site -- http://windowsupdate.microsoft.com -- the company disabled the automatic redirection Thursday in preparation for the onslaught of infected computers.
Microsoft's real Web site should still be accessible to users, said Microsoft spokesman Sean Sundwall. However, those who don't know the correct address may be confused and believe that the so-called "denial of service" attack worked. The company is taking other measures to keep its site up and running, he said, although he declined to give specifics.
Microsoft's network and others around the country may still see a slowdown in Internet traffic simply from the volume of activity the worm is expected to generate from its legion of infected computers, said Vincent Weafer, senior director of security response for Symantec Corp, a security and antivirus company.
However, considering that Microsoft has disabled the automatic link from the incorrect Web site to the correct Web site, the worm's effects are "not going to be catastrophic," he said. "The Internet by itself is very resilient."
"It's a very simple and effective way of redirecting a denial of service attack into nowhere," he said.
A love note
The rate of new infections has slowed, he said. But computer users who still have not downloaded the patch need to do so, he said, adding that the company expects new infections to continue for as long as two years to come.
The worm left behind a love note on vulnerable computers: "I just want to say LOVE YOU SAN!"
It also carried a hidden message to taunt Microsoft's chairman: "Billy gates why do you make this possible? Stop making money and fix your software!"
Microsoft doesn't take the taunt personally, said Sundwall.
"Certainly we have had our naysayers in the past and I think those who have an ax to grind and happen to know how to write some code sometimes choose this mechanism to exhibit their frustration," he said.
Sundwall noted that Microsoft has been trying to make its software more secure, even before the "Trustworthy Computing" memo that Microsoft chairman Bill Gates sent last January, emphasizing the need for security and spawning months of training for developers on how to tighten up their code.
Despite that initiative, the flaw appeared in Windows Server 2003, the first new operating system to come out since the Trustworthy Computing campaign began.
Sundwall said there's more work to be done, and that Microsoft is looking for any ways to improve its security.
"Most people would agree while we have a long way to go ... we've come a long way," Sundwall said.