Summary
New Analysis: The Zotob outbreak has put a spotlight on ongoing security woes and is forcing IT departments to find better, quicker ways to distribute patches.
Original source:
http://www.eweek.com/article2/0,1895,1850269,00.asp
Details
A mob of malicious programs knocked down networks across the country last week, using a powerful, remote exploit of the Windows Plug and Play service that appeared just a day after Microsoft issued a patch for the hole Aug. 9.
The fast-closing window to patch vulnerable systems is putting pressure on IT departments everywhere to find better ways to distribute patches.
But some experts warn that worm and bot outbreaks distract attention from a deeper and darker problem: undiscovered or undisclosed vulnerabilities in software running on critical systems.
By late last week, there were 19 worms that exploit the Plug and Play flaw, including new worm families such as Zotob and Dogbot and variants of Rbot, officials for security vendor Sophos plc.
Customer support workers at SBC Communications Inc. also were idled as variants of the recent Zotob and Rbot worms raced through the company's computer network last week, causing Windows 2000 systems to reboot and hampering the ability of staff to assist customers, said spokesperson Wes Warnick in San Antonio.
PointerZotob proves that patch management isn't enough.
Microsoft and others recommend a "defense in depth" approach for customers that includes a desktop firewall, anti-virus software, intrusion detection technology and patch management tools, said Stephen Toulouse, security program manager at Microsoft's Security Response Center, in Redmond, Wash.
A combination of those technologies kept Windows 2000 systems at Principal Financial Group from being hit with Zotob or its cousins, said Corey Null, who works in the information services group at Principal, in Des Moines, Iowa.
"Whatever Microsoft reports is only the tip of the iceberg," said Nand Mulchandani, vice president of business development and founder of Determina Inc., a
security vendor based in Redwood City, Calif.
"In most of the [hacking] underground, if somebody finds a vulnerability, they'll use it, not write a worm for it."
About the author: Mike Adams is a consumer health advocate and award-winning journalist with a strong interest in personal health, the environment and the power of nature to help us all heal He has authored and published thousands of articles, interviews, consumers guides, and books on topics like health and the environment, and he has published numerous courses on preparedness and survival, including financial preparedness, emergency food supplies, urban survival and tactical self-defense. Adams is an independent journalist with strong ethics who does not get paid to write articles about any product or company. In 2010, Adams co-founded NaturalNews.com, a natural health video sharing site that has now grown in popularity. He also founded an environmentally-friendly online retailer called BetterLifeGoods.com that uses retail profits to help support consumer advocacy programs. He's also a successful software entrepreneur, having founded a well known email marketing software company whose technology currently powers the NaturalNews email newsletters. Adams volunteers his time to serve as the executive director of the Consumer Wellness Center, a 501(c)3 non-profit organization, and practices nature photography, Capoeira, martial arts and organic gardening. Known by his callsign, the 'Health Ranger,' Adams posts his missions statements, health statistics and health photos at www.HealthRanger.org
Have comments on this article? Post them here:
people have commented on this article.