Information Security News mailing list archives
RE: Microsoft takes heat for Code Red
From: InfoSec News <isn () c4i org>
Date: Mon, 6 Aug 2001 03:13:56 -0500 (CDT)
Forwarded by: Michael Huntley <michael () signet net> I'm not surprised at the M$ bashing, but I must take note that BIND has had several vulnerabilities, and users of BIND have suffered from those vulnerabilities as much as NT users of IIS. Frankly, if the users of NT had applied the patch that came out on June 18th this would not be an issue, much like the problems that persisted after holes were found in BIND 8.2.2-p5 and before. As an administrator for several types of machines testing and applying patches is a way-of-life. It doesn't matter to me whether the systems are NT or RedHat Linux. Seems to me, IMHO, the bashing should be on the administrators of the machines, not M$, merely for the fact the patch was out a full month prior to the mass infection. My 2 cents. Michael Huntley michael () signet net -----Original Message----- From: owner-isn () attrition org [mailto:owner-isn () attrition org]On Behalf Of InfoSec News Sent: Wednesday, August 01, 2001 2:47 AM To: isn () attrition org Subject: [ISN] Microsoft takes heat for Code Red http://news.cnet.com/news/0-1003-200-6730674.html By Ian Fried and David Becker Staff Writers, CNET News.com July 31, 2001, 12:25 p.m. PT While network administrators wait and prepare for another round of attacks from the Code Red worm, Microsoft is drawing much of the blame for the pernicious infection. Once again, security experts say the speed and stability of the Internet is at risk because of Code Red, a malicious worm that takes advantage of a hole in Microsoft's Internet Information Server (IIS) Web server software. The worm infected more than 300,000 servers and attacked the White House Web site last month before going into hibernation. The worm is set to become active again at 5 p.m. PDT Tuesday, launching a new round of infections that could generate enough traffic to slow parts of the Internet. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Microsoft takes heat for Code Red InfoSec News (Aug 01)
- <Possible follow-ups>
- RE: Microsoft takes heat for Code Red InfoSec News (Aug 06)
- RE: Microsoft takes heat for Code Red InfoSec News (Aug 07)