Slashdot Mirror


1 In 3 Windows PCs Still Vulnerable To Worm Attack

CWmike writes "The worm that has infected several million Windows PCs, Downadup or 'Conficker,' is having a field day because nearly a third of all systems remain unpatched 80 days after Microsoft rolled out an emergency fix, security firm Qualys said. Downadup surged dramatically this week and has infected an estimated 3.5 million PCs so far, according to Finnish security company F-Secure Corp. The worm exploits a bug in the Windows Server service used in Windows 2000, XP, Vista, Server 2003, and Server 2008. Qualys' CTO said, 'These slow [corporate] patch cycles are simply not acceptable. They lead directly to these high infection rates.'" This is indicative of why some are calling for Microsoft to rethink Patch Tuesday, as reader buzzardsbay pointed out.

6 of 242 comments

  1. Re:Genuine Advantage Validation by Larry+Lightbulb · Score: -1, Troll

    I know no one who is afraid of updates because of the genuine advantage validation.

  2. wouldn't it be simpler to run a Linux distro .. by rs232 · Score: -1, Troll

    "Our protection against viruses is pretty thorough, and .. filtered .. firewall .. CD-ROM .. USB drives .. Autorun .. Downloads of executables .. is disabled .. Emails .. filtered .. Office Documents are quarantined .. AV on all desktops .. takes under a single man hour each day for the IT department to manage .."

    When do you get the time to do any actual real work? Wouldn't it be simpler to run a Linux distro? All you have to do to protect the system is - nothing ...

    --
    davecb5620@gmail.com
    1. Re:wouldn't it be simpler to run a Linux distro .. by rs232 · Score: -1, Troll

      'all Office Documents are quarantined before manual release'

      Do you really expect us to believe that the only secure way of accessing an Office Doc is to quarantine it? I thought you had the system totally locked down and AV on all desktops?

      "it would take a lot longer to get this network working under linux than windows"

      I thought Linux did networking as well as Unix, what do your servers/routers/switches/firewall run on?

      "the couple of dozen specialist apps that simply don't exist in Linux"

      What are those specialist apps? Do you mind telling me what sector your business is in?

      "I'm not aware of anything that's as easy to use and effective as group policy for securing computers and deploying software"

      http://www.linuxjournal.com/article/6266
      http://en.wikipedia.org/wiki/OpenLDAP
      http://www.bayour.com/LDAPv3-HOWTO.html

      http://www.howtogeek.com/howto/ubuntu/configure-how-often-ubuntu-checks-for-automatic-updates/

      "I think you'd be surprised just how low maintenance this lot is"

      I am surprised, as my personal experience is a bit different.

      "patching software is something we can do in our own sweet time"

      What else do you do apart from locking down and patching?

      --
      davecb5620@gmail.com
  3. It's M$'s fault by hesaigo999ca · Score: 0, Troll

    I say, if M$ were to actually offer these patches freely, sort of like "use our product because like Linux you get free stuff...", not only would they get a more secure overall experience for the user, but you would also see lower infection rates...and this would lead to them being able to learn who still uses Windows XP...even if it isn't a legit copy.

    At some point they could trigger a more effective update scenario..."we have updated your system but see you are not using a legit copy of windows, if you want to be legal, we can send you a key for 49$."

    You would see millions of people line up for that, because not only would it mean they are safe, but everyone who has a copy of Windows illegally can now rest assured they won't be penalized...and in this unstable economy, how do you convince someone to get a legit key, if it isn't by making it very cheap? I know I will never get legit XP or Vista because I can go Linux. If M$ came to my door and said "hey uninstall or pay" I would uninstall unless it was cheap enough. 49$ is cheap enough.

  4. Re:Genuine Advantage Validation by drinkypoo · Score: 1, Troll

    I've got a method to bypass activation and WGA that makes every copy of Windows look legit to MS. There's only one very small requirement, that I'm not going to divulge, as I'm not telling you how to pirate software.

    I've got a foolproof method for producing free energy in the lab, but I'm not going to demonstrate it because I'm not going to teach you how to violate the laws of thermodynamics.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  5. Newsworthy? by dov_0 · Score: 0, Troll

    So what actually makes this news? Microsoft's security model is faulty by design. What's new?

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start