M$ & code red, poetic justice

Trojan

What a bunch of muppets, they prove it again and again...


Microsoft fails to patch servers, hit by Code Red


Proving again that it doesn't practice what it preaches, Microsoft Corp. confirmed that the Code Red worm infected two servers used for its Hotmail Web-based e-mail service.
"A few MSN Hotmail servers were affected by the Code Red worm virus. The servers were promptly removed from the MSN Hotmail environment, shut down and patched," said a Microsoft spokeswoman in the U.K., adding that the infection was detected late Wednesday afternoon in the U.S.

The two infected systems were a test system and a production system, the spokeswoman said, adding that no user data was compromised and that all users should be able to access the Hotmail service in a secure fashion. Hotmail has over 100 million users worldwide.

Microsoft has taken extra steps to ensure the security of its network and servers to minimize the impact of the worm, according to the spokeswoman. The company seems to have been caught by the Code Red II (also known as Code Red 3.0) variant of the original Code Red worm that surfaced last weekend.

Carnate

HEH HEH closing da barn when the servers have already bolted!!

Trojan

More M$ muppetry (did you hear about the latest Hotmail issues?):
--
Insurance broker J.S. Wurzler Underwriting Managers has started charging up to 15 percent
more in premiums to clients that use Microsoft's Internet Information Server software, which the
Code Red worm feasted on.

In light of the $2 billion in damage caused by Code Red, founder and
CEO John Wurzler's decision just before the virus hit seems
prescient. Wurzler gained notoriety earlier this year for hiking
cyberinsurance rates on companies that use Microsoft NT software
on their servers.

So far, Wurzler appears to be the only insurer singling out Microsoft
for higher rates. And some security officials are not kind in their
comments.

"Wurzler is full of it," said Russ Cooper, the editor of the NTBugTraq
Web site and an employee of computer risk management and
security firm TruSecure. According to Cooper, Windows NT and IIS are easier to secure than
comparable Unix (news - web sites)- or Linux (news - web sites)-based servers because
Microsoft does a better job of publicizing and supplying the needed security patches for its
products. "It's easier to manage Microsoft server software because you can get all the patches
in one place," he said.

Wurzler, who has been selling hacker insurance since 1998, based his decision on more than
400 security analyses done by his firm over the past three years. Wurzler found that system
administrators working on open source systems tend to be better trained and stay with their
employers longer than those at firms using Windows software. That turnover may mean that
security patches don't get installed, said Wurzler, who offers lower rates to clients that use NT
and IIS if they can show that their administrators are following best practices.

---

Sedulously eschew obfuscatory hyperverbosity and prolixity.

You really should you know.

logic1

Even more muppetry!! Or maybe their code red hotmail server story was bull...

hotmail hacked

.logic.