Security Incidents mailing list archives
WMF Threat OK , but no huge attack ... WHY ?
From: k levinson <levinson_k () yahoo com>
Date: Mon, 9 Jan 2006 13:30:40 -0800 (PST)
The threat was a bit overrated, or at least that's not the kind of threat this was. Vulnerabilities like this are unlikely to become a worm with the widespread impact of a Blaster, Slammer or Sober because it doesn't spread from PC to PC via a listening network service. I suppose if a prolific, time tested email worm like Sober had taken the WMF vulnerability and used it to install a proxy / DDoS Trojan, it could maybe have spread more widely with more damage caused. There were rumors of hundreds of thousands to millions of systems being infected; those rumors were probably incorrect. Antivirus may have done a better job at protecting against this than people expected. AV vendors reported hundreds of thousands to millions of WMF exploit files being detected and blocked. I believe there were lots and lots of infection attempts, just not lots and lots of infected systems. The exact same thing happened with Download.ject last year. There was lots of panic and screaming, but few systems were actually infected. Microsoft stated that their "intelligence" showed this to again be true this time around, but their statement was generally laughed at. Given that they offer a free phone number for helping any customer with any infection problems, I would expect Microsoft to have at least some insight into this. kind regards, karl levinson
-----Original Message----- From: pejman.gohari () gmail com
[mailto:pejman.gohari () gmail com]
The WMF threat was and continues to be important. But Im curious to know why we didnt observe any
important
attack on Internet?
No BOT virus deployed? No DOS worm attack? Any hypothese / explanation ?
__________________________________________ Yahoo! DSL Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com
Current thread:
- WMF Threat OK , but no huge attack ... WHY ? pejman . gohari (Jan 09)
- Re: WMF Threat OK , but no huge attack ... WHY ? Jose Nazario (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? jim (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Byron Sonne (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Chris Byrd (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Thierry Zoller (Jan 11)
- Re: WMF Threat OK , but no huge attack ... WHY ? Valdis . Kletnieks (Jan 11)
- <Possible follow-ups>
- WMF Threat OK , but no huge attack ... WHY ? k levinson (Jan 11)
- RE: WMF Threat OK , but no huge attack ... WHY ? Ward, Patrick James (Jan 11)