Home » Industry Watch
MS05-039
Current estimates are way too optimistic.
It was Microsoft's thirty ninth security bulletin of the year. (It's been a slow year.) A vulnerability was reported to Microsoft and they supposedly resolved it. [The astute reader will remember the Redmond hype a few years back about automated programs that comb their source trees for holes. Ed.]
It was a remote execution vulnerability in Microsoft's genial Plug and Play (aka 'Plug and Pray'). It allowed an attacker to take complete control of an infected Microsoft system. The attacker could then install programs, modify and/or delete data, and even create new system accounts with full user rights.
Soon 250,000 machines world wide were affected. What was dramatic was not the number but the speed. It took hacker gangs a matter of hours to start a zombie war to control the computers. The Financial Times of London claim twelve gangs are currently in the melee.
Several high profile multinationals were hit hard: CNN, the Financial Times, Boeing, the Associated Press, the New York Times, ABC News, General Electric, Caterpillar, and Disneyland.
Disneyland's 2,000 computers - and their cash registers, their cast deployment system, their employee management system, and their Fast Pass dispensers - all were knocked out. Everyone's park ticket had to be scanned manually, and when the systems came back online they still wouldn't work because some admissions had not entered the broken system. Employees didn't know where to go to work because that system was out too.
ABC News producers used electric typewriters to prepare their 'World News Tonight' broadcast, according to their spokesman Jeffrey Schneider.
Twelve thousand (12,000) computers were knocked offline in San Diego county CA.
There are at time of writing 1,080 [sic] links to this story at Google UK. Clearly current estimates as to the number of fools on the planet are way too optimistic.
Windows 2000 bug starts virus war http://news.bbc.co.uk/2/hi/technology/4162124.stm
Worm War II http://theregister.co.uk/2005/08/18/pnp_worm_wars/
Is latest can of worms a cyber-crime turf war? http://silicon.com/0,39024729,39151483,00.htm
Security experts offer calm in the Windows Plug-and-Play storm http://www.ameinfo.com/66027.html
Disneyland brought low by Windows worms http://boingboing.net/2005/08/18/disneyland_brought_l.html
Worm rooted out of county government computers http://signonsandiego.com/news/metro/20050818-9999-7m18worm.html
For Worm Writers, Speed Thrills http://businessweek.com/technology/content/aug2005/tc20050818_0865_tc119.htm
Turf war erupts as hackers send viruses to hijack PCs http://guardian.co.uk/business/story/0,3604,1551142,00.html
New computer worms attack over 100 US companies http://english.people.com.cn/200508/18/eng20050818_203207.html
Competing 'worms' hit US news providers http://news.independent.co.uk/world/americas/article306584.ece
Windows Worm Goes Global http://internetnews.com/security/article.php/3528101
Major news organisations hit by fast spreading virus http://computerweekly.com/Articles/2005/08/17 /211377/Majornewsorganisationshitbyfastspreadingvirus.htm
Variants of spreading Windows worm emerge http://businessweek.com/ap/financialnews/D8C1KABG1.htm
Plug and Play pandemonium http://theregister.co.uk/2005/08/17/plug_and_play_worm_pandemonium/
Windows worm causes red faces http://blogs.guardian.co.uk/online/archives /2005/08/17/windows_worm_causes_red_faces.html
Worm Burrows Into Network Flaw http://www.cbsnews.com/stories/2005/08/17/tech/main781643.shtml
CNN, FT Computers Attacked by Microsoft Windows Worm http://www.bloomberg.com/apps/news?pid=10000103&sid=aPrKdHO1jQOI
FT briefing: The Zotob and Esbot worms http://news.ft.com/cms/s/112bcc04-0f0d-11da-8b31-00000e2511c8.html
250 000 PCs down http://www.macworld.co.uk/news/?NewsID=12380
Windows worm hits global systems http://www.macworld.co.uk/news/?NewsID=12363
Windows worm beginning to spread http://macworld.com/news/2005/08/17/worm/
|