funsec mailing list archives
Re: Did Windows Update take out the Skype network?
From: Jordan Wiens <numatrix () ufl edu>
Date: Mon, 20 Aug 2007 12:57:45 -0400
The issue here isn't the number of updates at all, it's the number of updates that require a reboot (being that it's the reboot that triggered the deluge of logins). The number of linux patches that require a reboot are pretty ridiculously small compared to windows. Mac OSX is probably somewhere in the middle, but that's just a guess.
-- Jordan Wiens, CISSP UF Network Security Engineer (352)392-2061 On Aug 20, 2007, at 12:07 PM, Larry Seltzer wrote:
This has nothing to do with the number of updates, but the fact that everyone was applying them at roughly the same time. They could have 1 update a month on their regular schedule and the effect, from Skype's standpoint, would be the same. And some would dispute your claims about the number of updates(http://blogs.technet.com/security/archive/2007/08/16/july-2007- operating-system-vulnerability-scorecard.aspx ), at least as compared to the competition. Do MacOS and RedHat have too many updates too? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.eweek.com/cheap_hack/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of rms () computerbytesman com Sent: Monday, August 20, 2007 11:17 AM To: funsec () linuxbox org Subject: RE: [funsec] Did Windows Update take out the Skype network? Here's the official Skype blog entry on the meltdown: http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html In my book, there are way too many security patches for Windows. The Skype meltdown is an example of collateral damage.Another problem that I've seen with Microsoft Update since the beginningof this summer is that a collection of Office 2003 patches fail toinstall and everytime I reboot my computer Microsoft Update attempts the install again and fails again. I'm never notified of these failures andI'm not sure how to fix the problem in order to secure my system. RichardI hope they don't have the gall actually to blame Microsoft for it. Obviously it's a flaw in their network, and shows a hole in their own testing. Perhaps it's also an indication that more Windows users are updating more quickly. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.eweek.com/cheap_hack/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com -----Original Message-----From: funsec-bounces () linuxbox org [mailto:funsec- bounces () linuxbox org]On Behalf Of rms () computerbytesman com Sent: Monday, August 20, 2007 10:26 AM To: funsec () linuxbox org Subject: [funsec] Did Windows Update take out the Skype network? http://blog.wired.com/monkeybites/2007/08/windows-update-.html Skype is finally back online after a massive two-day outage which began on Thursday, August 16th and rendered the VoIP service useless for an estimated 220 million users. As we reported on Friday, Skype has denied charges that the outage was the result of an attack, but the company delayed an official explanation until today. According to Skype the outage was caused by a massive number of users restarting their machines, which flooded the Skype network with login requests. Skype blames the restarts on Windows Update, presumably large numbers of users rebooting after installing this month's "PatchTuesday"Windows patches. ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list._______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Did Windows Update take out the Skype network? rms (Aug 20)
- RE: Did Windows Update take out the Skype network? Larry Seltzer (Aug 20)
- RE: Did Windows Update take out the Skype network? rms (Aug 20)
- RE: Did Windows Update take out the Skype network? Larry Seltzer (Aug 20)
- RE: Did Windows Update take out the Skype network? rms (Aug 20)
- RE: Did Windows Update take out the Skype network? Larry Seltzer (Aug 20)
- RE: Did Windows Update take out the Skype network? rms (Aug 20)
- RE: Did Windows Update take out the Skype network? rms (Aug 20)
- Re: Did Windows Update take out the Skype network? Dude VanWinkle (Aug 20)
- RE: Did Windows Update take out the Skype network? rms (Aug 20)
- RE: Did Windows Update take out the Skype network? Larry Seltzer (Aug 20)
- Re: Did Windows Update take out the Skype network? Jordan Wiens (Aug 20)
- RE: Did Windows Update take out the Skype network? Wayne J. Hauber (Aug 20)
- <Possible follow-ups>
- RE: Did Windows Update take out the Skype network? Juha-Matti Laurio (Aug 22)