Slashdot Mirror
Microsoft Won't Offer Patch Before Worm Strikes?
techmuse writes "According to an article in Information Week, Microsoft is aware that the 'Kama Sutra/Blackworm/MyWife' worm will hit on Friday, overwriting office documents, but will not release a patch until its regular monthly patch release on February 14th. Unless, that is, you subscribe to one of Microsoft's pay security services, in which case your machine will have the worm removed in advance." From the article: "The blog offered no explanation why the tool wouldn't be updated earlier, nor did Microsoft immediately respond to questions. Each month, Microsoft pushes a revised tool to Windows users who have Automatic Update enabled for Windows Update or Microsoft Update. The Redmond, Wash.-based company has released the Malicious Software Removal Tool off-schedule once before, in August 2005, shortly after the Zotob worm began striking Windows 2000 systems."
So Microsoft wont help out the unwashed masses with an early patch... what about the anti-virus publishers? Can they detect and remove the worm?
Help Brendan pay off his student loans
Nice Windows machine you've got there. Wouldn't want anything to, um, happen to it. You need insurance, and we happen to sell insurance. Capiche?
I too have felt the cold finger of injustice.
What, me worry?
A feeling of having made the same mistake before: Deja Foobar
Unless, that is, you subscribe to one of Microsoft's pay security services, in which case your machine will have the worm removed in advance.
This is what is commonly referred to as "extortion". Pay them now or something bad might happen. You wouldn't want something bad to happen would you?
This sig has been temporarily disconnected or is no longer in service
Or, if you had read the very article you're posting, "Both the company's free online security service, Windows Live Safety, and its in-beta OneCare Live software, however, will disinfect compromised computers, Microsoft said."
Come on people. This story is completely wrong. Microsoft is not withholding anything. They simple do not have a Malicioius Software Removal Tool currently ready because the system is built around deploying it on the 14th. The reference to Microsoft's pay services are the same as if you used Symantec or any other virus scanner out that which already detects the worm. It's not extortion, it's not even a story.
Microsoft is aware that the 'Kama Sutra/Blackworm/MyWife' worm will hit on Friday, overwriting office documents, but will not release a patch until its regular monthly patch release on February 14th.
How ironic that a patch for the Kama Sutra/MyWife worm will be released on February 14th.
Happy Valentine's Day - Love, Microsoft.
He who knows best knows how little he knows. - Thomas Jefferson
If you can't / don't want to pay, but you still want to be secure, you still have an option. You see, if you read the full article, and go to the knowledgebase post about it, Microsoft says that up-to-date anti-cirus will take care of it. Don't have up to date anti-virus? That's ok too! Just visit the onecare part of safety.live.com, and Microsoft will scan your computer for viruses (including this one) in addition to all the other crap that builds up on computers.
/.!
Now, speaking as someone who has tried the online virus scanner, I have to say it works really quite well. It's just the tool to clean your computer of viruses, spyware, malware, unused/unneeded files -- and even knocks out those MICRO$OFT haters on
Yet another reason i'm glad our IT department decided to standardize on open office. Doesn't appear opendoc files are targeted.
I know this is probably redundant, but is it possible for people to make a story submission relating to Microsoft without drawing imaginary horns and a "666" on their logo every time? I will grant that Micrsoft should probably release the patch to everyone right now for secuirty reasons, but I'm sure there are ample folks who use Oracle, and they won't give you *any* patches at *any* time, or allow you to peruse any of their Metalink site, without first paying.
... Why would they hold back on the patch? If they have it available and ready to push out, why not just do it? I don't understand, its as if this is their way of raising their right hand and flipping everyone off.
It would be ironic if you were a twin. The unauthorized copy twin would be too much to ask for.
Oh, and happy birthday.
The world is made by those who show up for the job.
"Because there's a car bomb on it set to go off on Friday."
"Sorry, that's not our car bomb."
"No, but when I bought the car, there was a modular plug next to the engine with PLACE CAR BOMB HERE written on it!"
"Sorry, not our problem. You knew this car was prone to car bombs when you bought it, and your purchase agreement specifically spells out that we're not responsible for car bomb damage."
"Can you at least remove the car bomb?"
"Sorry, but your contract specifically states that we're under no obligation to remove any car bombs attached to your car. Now, if you would be interested in purchasing our special Car Bomb Insurance..."
- Crow T. Trollbot
Check the license agreement for Windows XP. Nothing in there says that Microsoft will ever provide fixes, period. If you don't like their service-after-the-sale, get off the upgrade treadmill and stop buying licenses from them or buy an expanded service agreement from them. They aren't
Software licenses are agreements that should have the full weight of contract law. There is no other way that the licenses I prefer, like the GPL, BSD, Mozilla, MIT, etc, get any legal weight. If you can't abide by the terms, take a stand, show some guts, and click "Cancel" on the install. Find some software that is licensed under terms you can accept. Don't be a sheep and agree just because it would be too hard, or make you go look for other software if you disagree.
THIS STUFF IS IMPORTANT.
AFAICT this is as run-of-the-mill as virus threats get, and I'm grateful that MS is maintaining a level of software discipline and not jumping all over themselves to instantly respond to every stupid little worm that crosses the net. I'd much rather see meaningful updates once a month than frantic, possibly-buggy scramble fixes three times a week.
from TFA:
Microsoft Won't Offer Patch Before Worm Strikes?
This is not a worm, but a virus, and MS is not releasing a patch, but an updated virus definition.
Viruses are not caused by a system flaw but by user intervention, that is unless it is installed without user intervention, then it is a system flaw. I am not a Microsoft user but I see no fault they are doing.
Star Trek, there maybe hope.
"will not release a patch until its regular monthly patch release " Someone should have researched this a bit before approving it. Microsoft has no obligation to patch this. This is a worm that relies mainly on user's opening up an evil email attachment. What is M$ supposed to patch? The end-user?
mmmm, protection racket.
"I'd like to buy a car"
....... some time later .........
"OK here you go. We also offer a car bomb detection service. Our car is as car bomb proof as we were able to make it but those terrorists are pretty clever. So you can pay us to make sure that any new ways of getting car bombs into cars that we find out about is prevented. "
"No thanks. What are the chances I'm gonna get targeted by a terrorist"
"I want you to fix my car and all other cars for free"
"What's wrong with it"
"Car bomb set to go off in 3 days"
"Well we gave you the car in as good condition as we could and you declined to get any kind of terrorist protection whatsoever either from us or anyone else. We will fix it for free on all cars, but the fix we were working on won't be ready for a 2 weeks. That leaves you out of luck but others that car bombs later will appreciate that. For you we would recommend one of three options. You can pay for our car bomb insurace that you should have gotten in the first place and that will cover the cost of fixing it quick. You can pay another company to do the same. Or third, we have this small program where you can get it done for free or you can go to other free terrorist prevention centers to have it removed. "
I don't consider it Microsoft's responsibility to ensure that every Windows user gets just-in-time virus removal for free. It might be different if the virus exploited an OS flaw, but to my knowledge this one doesn't. This is why people pay money for AV software. That said, it would be nice if they'd schedule an out-of-cycle release of the malicious software removal tool, but doing so could create a precedent they don't wish to establish.
Déjà vu
I think I've heard that before...
Customer: So I'm really getting sick of MyWife. Is there any way I can get rid of it by Valentine's day? I really don't want to pay for it. Valentine's is so expensive and all... Microsoft: Well, if you make a special trip to us we can get rid of your MyWife for you. Otherwise you'll be chained to her until kingdom come. Just kidding! We'll patch things up right after Valentine's. We think that we need to let things run their course with your MyWife. After all, isn't that what marriage is for? To cost money and create misery?
The problem is the Malicious Software Removal Tool itself. It's a half-assed product that just sort of does "some stuff." I'm not sure who it's intended for. As someone in IT I certainly have never once used it professionally. There's no point because we're already using better tools. As a PC user at home I have never bothered to use it because, again, there are already better (& free) tools out there.
A program that removes some stuff that Microsoft decides is significant enought to be called "malicious" isn't much of a tool to begin with, and then to factor in that it's only updated once per month makes it even less valuable. Oh, I might also mention that the program only detects an underwhelming 54 "malicious programs?" Wow, gimme summa that.
There's really no issue with Microsoft not releasing an update for the removal tool. It's expected, standard behavior. It's right there in the documentation, second paragraph. This is not an anti-virus program that updates daily, this is some kind of other tool that exists in an awkward dimension all of its own.
Realizing this is
*pop!* That was my karma. It was good karma but it's gone now. I've offended the fanboys.
The world according to SComps
Setting up your own server is not the same as using a public store and forward delivery system. In fact the two are quite distinct. Email and ftp both have their places. If I am going to widely distribute something, or if I am sending out large files (>10MB) I use ftp, otherwise I use email. Hell I have my email client open all the time, I almost never have an ftp client open.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
> You want to give someone a file, send them a link to your ftp server.
get with the times, should be a tracking link to your torrent.
ftp works for the 2% of people who have their own non nat, static ip address with a ftp server that hasn't been blasted off the face of the internet. I am even in the small percent that do have a static ip, but the people I send files to don't have VPN access to any of my servers, and having ftp openly accesable to the net would just be stupid (and which windows users have sftp client installed? ok I do have port 80 access to a webserver that could serve the file, but thats probably not average or easier than attach either.)
(1) it is a trojan, not a worm. If you have 100 stupid users then you have bigger problems.
(2) there is a standalone patch available from Microsoft. Download it, put it on a network share or push it using SMS.
Simple: Marketing!
Everything in the Universe sucks: It's the law!
Hello,
A bit of searching came up with the following free or trial versions of anti-virus programs which are capable of detecting and removing Win32/MyWife (née CME-24):
Alwil - Avast! 4 Home Edition (free for personal non-commercial use)
ESET - NOD32 trial version (30-day evaluation)
Grisoft - AVG Free Edition (free for personal non-commercial use)
Kaspersky Lab - Anti-Virus Personal 5.0 (30-day evaluation)
McAfee - VirusScan (30-day evaluation)
Microsoft - Windows Malicious Software Removal Tool (KB890830) (free)
Panda - Titanium Antivirus 2006 (30-day evaluation)
Sophos - Anti-Virus (30-day evaluation)
Symantec - W32.Blackmal@mm Removal Tool (free)
Trend Micro - PC-cillin Trial Version (30-day evaluation)
I'm certain other readers will look up and post links to additional vendors, too. Ob-disclaimer: I happen to work for one of the companies listed above, so there.
Regards,
Aryeh Goretsky
Dexter is a good dog.
I remember receiving a "security patch" from the Microsoft Security Center on my college email account. I almost executed it too, before thinking "why in the hell would microsoft be sending security patches over email???" Later I found out that several professors in the university's Computer Science department fell for it....
How the hell is pointing out that it's not always "stupid and irresponsible users" a friggin' troll?
Lost at C:>. Found at C.
Clearly a solution for the unwashed masses. We can't seem to get people from double clicking every email attachment, I'm sure their ready to setup, configure and tweak their own IPTables.
What worries me is files on my servers being destroyed by Windows machines connected to them.
Does this payload destroy files only on the local drives? On mounted drives, too? How about on mapped drives?
How can I protect my Mac, Windows and Linux servers from infected clients?