• 1233阅读
  • 0回复

"蠕虫"对微软再施新压

级别: 管理员
The Online 'Worm' Puts New Stress on Microsoft

Computer users world-wide raced to protect themselves from a malicious electronic "worm," which is set to attack Microsoft Corp.'s Web site Friday in a way that could make it even harder to prevent and repair the damage.

Four days after the nasty computer code was unleashed via the Internet, security experts said the worm's spread had slowed. But they remained concerned because the software is designed to shut down the part of Microsoft's site that provides users with patches for the very holes that allow the software to enter PCs. In addition, experts are worried about new variants of the worm that could cripple computers, including a "Trojan horse" that would allow hackers to gain access to infected PCs.
Whatever the origin of the worm, security experts say one thing is clear: The outbreak increases pressure on Microsoft to make its software more reliable and secure.

"End users of software, particularly big business, are just sick and tired of taking the fall when software doesn't work," says Jeffery Payne , chief executive of Cigital Inc., a Dulles, Va., company that advises businesses on software quality. "It's starting to cost them so much money that they are beginning to push back on companies like Microsoft."

Recognizing the problem, Microsoft Chairman Bill Gates last year launched an initiative he called "Trustworthy Computing" designed to change the way the Redmond, Wash., company designs and builds software. Among other actions, Microsoft stepped up training for its software developers. Microsoft says its newest version of Windows for computer servers includes features that can better protect corporate computers from all sorts of security breaches and harmful software like viruses and worms.

But experts give Microsoft mixed grades for its follow-through, saying the company hasn't changed its methods enough to avoid the kinds of flaws that make attacks by viruses and worms possible in the first place. Ultimately, that could hurt Microsoft where it matters most, in the corporate wallet.

Dan Farmer, a security expert and founder of Elemental Security Inc. in San Mateo, Calif., said security glitches are an inevitable byproduct of Microsoft's ever larger and more complex operating systems. The Blaster worm, for example, primarily affects newer versions of Windows, which Mr. Farmer says are even less secure than older systems. "The more services and more capabilities they add, the less secure they're going to be," Mr. Farmer said. "Complexity is bad."

The worm, which exploits a security flaw in several versions of Windows, continued to cause havoc, particularly on home computer users less able to keep up with the sometimes confusing instructions for protecting their systems. Microsoft posted a "patch," or fix, for the problem on its Web site in July, but many computer users didn't install the new software.

That kept tech staffers at many companies busy for the past few days as they hastily installed the patch on PCs and the bigger computers that handle corporate tasks.

Beyond the inconvenience, however, corporate disruption from the worm appeared relatively minor. Nordea, the biggest financial-services company in Scandinavia, shut more than 40 of its 400 branches in Finland after some office PCs were infected. Liisa Laine, a bank spokeswoman, said no accounts were affected.

The worm also slowed Internet traffic in Sweden on Monday and Tuesday and affected computers at the Munich headquarters of German auto maker Bayerische Motoren Werke AG. A spokesman said BMW was affected "only to a minor extent" and that production was unaffected.

Thursday afternoon, antivirus software maker Network Associates Inc. was recording 12,000 to 17,000 new infected PCs an hour, down from the peak of 35,000 on Monday, according to Vincent Gullotte, vice president of the Santa Clara, Calif., company. He estimated that as of Thursday around 1.2 million computers had been infected world-wide.

The U.S. Department of Homeland Security warned of a potential disruption to the Internet by the worm and its instructions to attack Microsoft's Web site.

Meanwhile, the Federal Bureau of Investigation's Seattle office, which has a cyber-crimes unit, is analyzing the worm for clues to "what person wrote it, where it came from, how it infects" and its earliest infections, said spokesman Bill Murray.

Other security experts who have examined the worm say it is programmed to begin a "denial-of-service" attack on Microsoft computers by overloading them with meaningless traffic. The attack is expected to start about 10 a.m. EDT Friday, when clocks in infected Australian PCs reach 12 a.m. Saturday.

Microsoft Senior Director Jeff Jones said the company is prepared for the potential attack. "We've been able to take some precautions," he said. He declined to elaborate but said in the event the site is disrupted, Microsoft has set up alternative ways for customers to receive fixes.

Mr. Jones said Microsoft spent more than $200 million last year improving the security of its Windows program for corporate servers. The company added 10 weeks of training for 8,500 of its software engineers, and delayed the release of the program by more than five months, to ensure its security. "We learned our lessons. We're still working to improve," he said.

Many companies said they escaped major damage because they had already taken precautions. AOL Time Warner Inc.'s America Online unit, which has more than 33 million subscribers, said it has received fewer than 5,000 customer calls about the worm.

America Online has blocked the portion of its computers targeted by the worm. That protects customers who access America Online by dialing local phone numbers. America Online also has been running pop-up ads warning its 2.2 million high-speed Internet subscribers to protect themselves from the worm. The ads offer subscribers a free firewall and a link to the Microsoft fix.

Verizon Communications Inc. has had a 50-person Computer Intrusion Response Team working to make sure that the New York-based company's phone and data networks wouldn't be affected. Nonetheless, a Verizon spokesman said that a few employees' PCs in remote locations had been infected by the worm. Another Bell phone company, SBC Communications Inc., blocked network access points to computers that it deemed vulnerable to the virus. "We've been working full time over the past couple of days," said Sean Donelan, a senior security engineer at the San Antonio-based company.
"蠕虫"对微软再施新压

全球的计算机用户正在保护自己免受恶毒的蠕虫病毒的攻击。这种病毒定于上周五对微软(Microsoft Corp.)网站发动攻击
描述
快速回复

您目前还是游客,请 登录注册