Patch Windows now. The Windows Metafile exploits
are beginning to look like one of the worst-ever Windows malware epidemics. It is a true drive-by exploit - infection with a whole raft of insidious malware just by looking at a web page with IE, or reading an email or IM with an image (depending on the program you use). It will really explode tomorrow when all the business PCs go back online, because as of now there is no good prevention with firewalls, anti-virus or IDS.
The SANS Internet Storm Center handlers have been the most up to date source of information (first link above). The DSL Reports thread
has good signal-to-noise. Insight and advice actually comes close to outweighing the usual microsoft-bashing in the latest /. thread on it
. But Ilfak Guilfanov
has outdone everyone with an unofficial patch (source included - admire the code - he is expertly patching a closed-source binary).
posted by jam_pony
on Jan 1, 2006 -
Microsoft = Megatarget.
A new worm is rapidly spreading across the Internet, functioning like a massive DDOS attack and crippling ISPs in South Korea. It's host? Microsoft SQL server. (Get yor fix on
, then reboot!) What impact will it have over here, I wonder...
posted by insomnia_lj
on Jan 25, 2003 -
More news on the IIS exploit
After acknowledging the problem last week, Micro$oft is now saying that the backdoor in IIS... is a flaw. M$ Technet seems to have a fix
for this problem, delete the offending file! So, if systems are your bag, my advice is to start researching security
if you are running M$ internet server products (SQL 7, Exchange, IIS, Index Server, etc.).
posted by Dean_Paxton
on Apr 17, 2000 -