Incredible. Now Microsoft can't shift the blame on to DBAs either!
More than their corporate network, what this worm devastates is
Microsoft's already poor reputation wrt security.
In article <3E36081F.27E3_at_xxxx.com>, asj says...
>
>Microsoft itself gets hit (and HARD) by the SQL Server worm!
>
>stan? hellllo? stan???? what's that cr*p again about lazy admins you've
>been spouting? microsoft can't even protect itself and you're expecting
>so many others to be able to do so?
>
>"Microsoft's policy of relying on software patches to fix major security
>flaws was questioned Monday after a series of internal e-mails revealed
>that the software giant's own network wasn't immune from a worm that
>struck the Internet last weekend."
>
>"The messages seen by CNET News.com portray a company struggling with a
>massive infection by the SQL Slammer worm, which inundated many
>corporate networks Saturday with steady streams of data that downed
>Internet connections and clogged bandwidth."
>
>"The messages put Microsoft in an awkward position: The company relies
>on customers to patch security flaws but the events of last weekend show
>that even it is vulnerable. In this case, Microsoft urged customers to
>fix a vulnerability in the SQL Server 2000 software, but it apparently
>hadn't taken its own advice. Moreover, despite its 1-year-old security
>push, the software giant still had critical servers vulnerable to
>Internet attacks."
>
>
>http://news.com.com/2100-1001-982305.html
>
>
>asj wrote:
>>
>> i'm sending out one email first thing tomorrow that will sum it all up
>> to our IT head (and maybe other people can do the same):
>>
>> "THANK GOD WE DON'T RUN MICROSOFT SQL SERVER!" *
>>
>> * add links to the freaking mess SQL server created.
>>
>> oh, yeah, for those of you wintrolls complaining about lax patches, tell
>> that to all those large multinationals that STILL got hit. the point is
>> to NOT have to install f*cking MS patches every other freaking weekend!
>>
>> http://www.cnn.com/2003/TECH/internet/01/26/internet.attack/index.html
>>
>> "Experts fear Monday could bring new outbreaks of the fast-moving
>> computer worm that snarled business and government computers Saturday,
>> slowing some corporate systems tothe point of inaccessibility.
>>
>> "Several companies, including Continental Airlines and Bank of America
>> Corp., reported widespread computer problems Saturday.
>>
>> "Bank of America, one of the nation's largest banks, said many customers
>> could not withdraw money from its 13,000 ATMs because of technical
>> problems caused by the attack, according to The Associated Press. A
>> spokeswoman, Lisa Gagnon, told the AP that the bank restored service to
>> nearly all ATMs by late Saturday afternoon and that customers' money and
>> personal information had not been at risk.
>>
>> "Continental said the worm attack led to scattered delays of no more
>> than 90 minutes. Spokesman Jeff Walt said Continental's hub at Newark,
>> New Jersey, was the most affected, but problems were also reported in
>> Houston, Texas, and Cleveland, Ohio.
>>
>> asj wrote:
>> >
>> > two side by side headlines in cnn.com:
>> >
>> > gates (again!) promising greater security for microsoft products, AND a
>> > headline on the new SQL Server worm wreaking havoc on Microsoft SQL
>> > server 2000 users. no wonder we use oracle and apache instead.
>> >
>> > side by side pic:
>> > http://www.blueboard.com/temp/news_headlines.gif
>> >
>> > stories:
>> >
>> > SQL Server 2000 Devastation:
>> > http://www.cnn.com/2003/TECH/internet/01/25/internet.attack.ap/index.html
>> >
>> > Security (or non-security) of microsoft products:
>> > http://www.cnn.com/2003/TECH/biztech/01/25/microsoft.security.ap/index.html
Received on Mon Jan 27 2003 - 23:47:48 CST
