RE: [ISN] Microsoft takes heat for Code Red

From: InfoSec News (isnat_private)
Date: Mon Aug 06 2001 - 01:13:56 PDT

  • Next message: InfoSec News: "[ISN] Too much time on their hands up in the North Woods"

    Forwarded by: Michael Huntley <michaelat_private>
    I'm not surprised at the M$ bashing, but I must take note that BIND
    has had several vulnerabilities, and users of BIND have suffered from
    those vulnerabilities as much as NT users of IIS.  Frankly, if the
    users of NT had applied the patch that came out on June 18th this
    would not be an issue, much like the problems that persisted after
    holes were found in BIND 8.2.2-p5 and before.
    As an administrator for several types of machines testing and applying
    patches is a way-of-life.  It doesn't matter to me whether the systems
    are NT or RedHat Linux.  Seems to me, IMHO, the bashing should be on
    the administrators of the machines, not M$, merely for the fact the
    patch was out a full month prior to the mass infection.
    My 2 cents.
    Michael Huntley
    -----Original Message-----
    From: owner-isnat_private [mailto:owner-isnat_private]On Behalf Of
    InfoSec News
    Sent: Wednesday, August 01, 2001 2:47 AM
    To: isnat_private
    Subject: [ISN] Microsoft takes heat for Code Red
    By Ian Fried and David Becker
    Staff Writers, CNET
    July 31, 2001, 12:25 p.m. PT
    While network administrators wait and prepare for another round of
    attacks from the Code Red worm, Microsoft is drawing much of the blame
    for the pernicious infection.
    Once again, security experts say the speed and stability of the
    Internet is at risk because of Code Red, a malicious worm that takes
    advantage of a hole in Microsoft's Internet Information Server (IIS)
    Web server software. The worm infected more than 300,000 servers and
    attacked the White House Web site last month before going into
    The worm is set to become active again at 5 p.m. PDT Tuesday,
    launching a new round of infections that could generate enough traffic
    to slow parts of the Internet.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 03:09:54 PDT