Feeds

Zero-day holiday

Sobering up fast

Build a business case: developing custom apps

A few hundred million Windows XP machines lay vulnerable on the web today, a week after a zero-day exploit was discovered. Meanwhile, new approaches and ideas from the academic world - that focus exclusively on children - may give us hope for the future after all.

For this month’s column I had planned to write a positive, cheerful article on some of the ways security has advanced over the past year. But the Microsoft zero-day vulnerability discovered on December 27, 2005, has caused much activity and stress in the security community and, therefore, I will first digress with some short commentary. There are some great things happening in the world of computers and networks, but today’s Windows XP security response isn’t one of them.

With the Windows XP WMF vulnerability and exploit discovered on December 27th, we are all faced with a very difficult situation. Incredibly, most of the world’s computers have been suddenly found vulnerable to massive data theft and criminal use when they reach out onto the internet - ripe for exploitation with great ease, even by unskilled hackers. How simple this is to do on a web page or through email, here at the beginning of 2006, is just astonishing. While there have been many unpatched vulnerabilities for Windows over the years, some with effective exploits available, nothing quite reaches the magnitude of the situation we’re in today.

Microsoft customers are in big trouble. In my time at SecurityFocus, I have never seen such potential for damage or such a far-reaching vulnerability. The RPC DCOM vulnerability in 2003 saw the creation of the Blaster worm and its variants. Blaster alone infected more than 25 million machines. Today we have an exploit that can elude even anti-virus and IDS sensors and compromise a system very easily. It’s frightening. In some ways, it's also much worse - and much easier to infect machines with strong border security. Even without an email-bourne virus I anticipate the WMF vulnerability is going to create greater waves than Blaster when all is said and done. A single wrong click, even by an experienced security professional, and it’s game over. A simple search in Google and one click is all it takes.

A week after the zero-day vulnerability bites hard one of the world’s most influential software companies, we’re told it will be still another week until there is a fix. Based on the severity of this issue, the time delay is unacceptable. Installing the unofficial patch is highly recommended. But what else can we do?

Microsoft needs help from the security community. The community needs to help Microsoft and Microsoft customers now more than ever. I truly believe that millions of computers - perhaps tens of millions - are being compromised by criminals right now. These include computers inside government, military and scientific installations. And millions of home computers. Pretty much anyone who can reach the web, receive email or instant messages is vulnerable. Actual numbers and damage estimates, if they are ever known, will follow in the weeks and months.

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?