RE: Did Windows Update take out the Skype network?

["Larry Seltzer" <Larry () larryseltzer com>]

This has nothing to do with the number of updates, but the fact that
everyone was applying them at roughly the same time. They could have 1
update a month on their regular schedule and the effect, from Skype's
standpoint, would be the same.
 
And some would dispute your claims about the number of updates
(http://blogs.technet.com/security/archive/2007/08/16/july-2007-operatin
g-system-vulnerability-scorecard.aspx ), at least as compared to the
competition. Do MacOS and RedHat have too many updates too?

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.eweek.com/cheap_hack/
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of rms () computerbytesman com
Sent: Monday, August 20, 2007 11:17 AM
To: funsec () linuxbox org
Subject: RE: [funsec] Did Windows Update take out the Skype network?

Here's the official Skype blog entry on the meltdown:

   http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html

In my book, there are way too many security patches for Windows.  The
Skype meltdown is an example of collateral damage.

Another problem that I've seen with Microsoft Update since the beginning
of this summer is that a collection of Office 2003 patches fail to
install and everytime I reboot my computer Microsoft Update attempts the
install again and fails again.  I'm never notified of these failures and
I'm not sure how to fix the problem in order to secure my system.

Richard


> I hope they don't have the gall actually to blame Microsoft for it.
> Obviously it's a flaw in their network, and shows a hole in their own 
> testing.
>
> Perhaps it's also an indication that more Windows users are updating 
> more quickly.
>
> Larry Seltzer
> eWEEK.com Security Center Editor
> http://security.eweek.com/
> http://blogs.eweek.com/cheap_hack/
> Contributing Editor, PC Magazine
> larry.seltzer () ziffdavisenterprise com
>
> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
> On Behalf Of rms () computerbytesman com
> Sent: Monday, August 20, 2007 10:26 AM
> To: funsec () linuxbox org
> Subject: [funsec] Did Windows Update take out the Skype network?
>
> http://blog.wired.com/monkeybites/2007/08/windows-update-.html
>
> Skype is finally back online after a massive two-day outage which 
> began on Thursday, August 16th and rendered the VoIP service useless 
> for an estimated 220 million users. As we reported on Friday, Skype 
> has denied charges that the outage was the result of an attack, but 
> the company delayed an official explanation until today.
>
> According to Skype the outage was caused by a massive number of users 
> restarting their machines, which flooded the Skype network with login 
> requests. Skype blames the restarts on Windows Update, presumably 
> large numbers of users rebooting after installing this month's "Patch
Tuesday"
> Windows patches.
>
> ...
>
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.