Feeds

Zero-day holiday

Sobering up fast

5 things you didn’t know about cloud backup

A few hundred million Windows XP machines lay vulnerable on the web today, a week after a zero-day exploit was discovered. Meanwhile, new approaches and ideas from the academic world - that focus exclusively on children - may give us hope for the future after all.

For this month’s column I had planned to write a positive, cheerful article on some of the ways security has advanced over the past year. But the Microsoft zero-day vulnerability discovered on December 27, 2005, has caused much activity and stress in the security community and, therefore, I will first digress with some short commentary. There are some great things happening in the world of computers and networks, but today’s Windows XP security response isn’t one of them.

With the Windows XP WMF vulnerability and exploit discovered on December 27th, we are all faced with a very difficult situation. Incredibly, most of the world’s computers have been suddenly found vulnerable to massive data theft and criminal use when they reach out onto the internet - ripe for exploitation with great ease, even by unskilled hackers. How simple this is to do on a web page or through email, here at the beginning of 2006, is just astonishing. While there have been many unpatched vulnerabilities for Windows over the years, some with effective exploits available, nothing quite reaches the magnitude of the situation we’re in today.

Microsoft customers are in big trouble. In my time at SecurityFocus, I have never seen such potential for damage or such a far-reaching vulnerability. The RPC DCOM vulnerability in 2003 saw the creation of the Blaster worm and its variants. Blaster alone infected more than 25 million machines. Today we have an exploit that can elude even anti-virus and IDS sensors and compromise a system very easily. It’s frightening. In some ways, it's also much worse - and much easier to infect machines with strong border security. Even without an email-bourne virus I anticipate the WMF vulnerability is going to create greater waves than Blaster when all is said and done. A single wrong click, even by an experienced security professional, and it’s game over. A simple search in Google and one click is all it takes.

A week after the zero-day vulnerability bites hard one of the world’s most influential software companies, we’re told it will be still another week until there is a fix. Based on the severity of this issue, the time delay is unacceptable. Installing the unofficial patch is highly recommended. But what else can we do?

Microsoft needs help from the security community. The community needs to help Microsoft and Microsoft customers now more than ever. I truly believe that millions of computers - perhaps tens of millions - are being compromised by criminals right now. These include computers inside government, military and scientific installations. And millions of home computers. Pretty much anyone who can reach the web, receive email or instant messages is vulnerable. Actual numbers and damage estimates, if they are ever known, will follow in the weeks and months.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
JLaw, Kate Upton exposed in celeb nude pics hack
100 women victimised as Apple iCloud accounts reportedly popped
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.