updated 12:10 pm EDT, Fri August 11, 2006
Big One Attacking Windows
Security experts have often talked about the possibility of a "Big One" striking Windows: a worm which spreads so quickly and destructively through the Internet that large numbers of connected computers are rendered almost unusable by the infection, not having had the time to patch the vulnerability. The chances of such an attack are fairly low, since truly damaging worms either hurt their own ability to spread or else are quickly contained through updates. Our closest brush with a "Big One" was the Blaster worm, which bombarded networks with traffic and crippled Windows XP systems without a firewall or the right patch. A newly discovered Windows vulnerability, however, has experts scrambling to warn users lest their worst fears come true. More about the problem and reactions to it after the jump.
The vulnerability in question was patched this past Tuesday: a buffer overrun exists in the Server Service of every Windows version from 2000 through to Server 2003. If a worm writer successfully takes advantage of the hole, they could mount denial-of-service attacks and other forms of damage that either flood users offline or affect the system itself. Potential fallout from the flaw is so severe that the US Department of Homeland Security issued its own warning, telling Windows users at large that an unpatched system could seriously affect both businesses and governments. Such alarms may be overstated - Windows users with automatic updates enabled will not be affected - but millions of PCs still exist that might not have the patch because they are updated manually or run earlier OS versions.