On GameSpot: Next-gen DS, Xbox tech contracts set?
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 37 of 48:
Next »
« Previous
Wish you'd tell this to Microsoft.
From an article on www.zd.net 8/13/03, concerning Microsoft's inability to apply its own patches:

"The software giant had been hit hard by the SQL Slammer worm, a self-spreading program that took advantage of a six-month-old flaw that even Microsoft hadn't completely excised from its systems."

From an article on www.zd.net 8-13-03 (regarding the LovSan outbreak primarily).

"While businesses usually know of software flaws and the need to patch their systems, they don't always have time. Companies often do not patch their systems immediately, because they need time to test the fixes, said Brian Burns, manager of security operations for network device maker NetScreen.

"'Microsoft patches don't receive enough QA (quality assurance) as they should,' he said. 'There have been times that a patch has been applied, and then the administrator has to spend hours rolling it back, because it has crashed the machine.'"

Microsoft hacked again
By: Kieren McCarthy
Posted: 06/11/2000 at 11:23 GMT

"Just one week after Microsoft admitted to a major breach of its security, another hacker by the name of Dimitri claims to have gained access to several of its Web servers.

"Using a known security hole in M$' Internet Information Server software - which should have been fixed with its own patch - Dimitri hacked into the servers and uploaded a text file called Hack the Planet. He claims to have been able to alter files on Microsoft's download site and, if he so wished, add Trojan horses to software. The implications are obvious.

"On top of this, Dimitri claimed to have possession of an encrypted file containing administrative user names and passwords. He could decode it, he said, but wouldn't. Other interesting info: Microsoft's server domain is called Houston (and now it has a problem) and all the Web servers are set up in the same way. Tut tut."

Wednesday, September 03, 2003
The Blaster School of Hard Knocks
By Mary Jo Foley

"Secondly, Microsoft needs to take its own patching medicine. I have it on pretty good authority that even though Microsoft made the security patch that could have headed off Blaster available weeks before the worm hit, it didn't patch all of its own servers inside the company. I've heard 47 servers running Microsoft's Passport Internet-authentication software had to be taken down on August 12 (day two of Blaster) for 'emergency maintenance.'"

* * * * * *

There you have it, folks--the company producing the patches can't seem to get the hang of applying their own patches. Yet, they expect the rest of us to be able to?

There are plenty more examples in my security archives.
Posted by: Yen_z   Posted on: 04/29/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

why is it the same attack is used after the patch?  oldskool | 04/28/04
Message has been deleted.  Chad_z | 04/28/04
wow - what did chad do wrong?  oldskool | 04/29/04
The patch worked!  ShadeTree | 04/29/04
It's going to be a good billing month  Chad_z | 04/28/04
My firm is a total fortress...  Mike Cox | 04/28/04
RE: My firm is a total fortress...  wackoae | 04/28/04
And in the real world:  kray_z | 04/29/04
Yeah, mine too...  cuervo-gold | 04/29/04
Admit it!  TWRX | 04/29/04
not great, but not bad  shallow_diver | 04/29/04
Non-news . . . . Situation Normal: All F'ed Up....  Plain Logic | 04/28/04
Affirmative... SSDD!  Xunil_Sierutuf | 04/29/04
Same old story..  d_jedi | 04/29/04
Don't forget the final step...  Zogg | 04/29/04
In a home environment..  d_jedi | 04/29/04
Why home users don't do that  bidemytime | 04/29/04
Re: Why home users don't do that  d_jedi | 04/29/04
And  bidemytime | 04/29/04
think he was talking Service packs 100+ meg  V Sanders | 04/29/04
Better Solution...  rinaldo | 04/29/04
Tell me..  d_jedi | 04/29/04
Clever twisting there.  j.m.galvin | 04/29/04
You're just plain wrong!  ShadeTree | 04/29/04
Oops!  ShadeTree | 04/29/04
Help me out  j.m.galvin | 04/29/04
Not as many infections = not as large an installed base.  ShadeTree | 04/29/04
Not as many infections = Not poor quality, Swiss cheese...  MacCanuck | 04/30/04
NASA writes plenty of it.  rinaldo | 04/29/04
Heeee Haaaa ho ho ohhhhh my  quietLee | 04/29/04
Didn't the mars rover use win95?  Spoon Jabber | 04/29/04
Bad Example  Outside T. Box | 04/29/04
Two problems with your post.  Laff | 04/29/04
Re: Two problems with your post  d_jedi | 04/29/04
If you trust MS...Autopatch might be  Laff | 04/29/04
If you want to know why administrators wait  doctormoriarty | 04/29/04
Wish you'd tell this to Microsoft.  Yen_z | 04/29/04
Darn, 4 year olds are cracking the most flawed OS in history..  Xunil_Sierutuf | 04/29/04
I doubt seriously...  ShadeTree | 04/29/04
I Like The Story  Mike Rotch | 04/29/04
This is my favorite time of year...MS path time:)  Laff | 04/29/04
Let he who is without sin throw the first stone!  ShadeTree | 04/29/04
Hmm...D A E M O N's silent today  Expatriate US Geek | 04/29/04
Good, don't provoke him  Linux_Developer | 04/30/04
No worries here  Enterprise Analyst | 04/29/04
Intersting spin  quietLee | 04/29/04
I would like to see (wish item)  V Sanders | 04/29/04
RE: Worm worries grow with release of Windows hacks  cocococo013 | 11/16/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline