WebCrime

MICROSOFT

Home
THE PROFIT MOTIVE: MyDoom Redux:
MALICIOUS CODE
HORROR STORIES
SPYWARE
SPOOFING
ANTHRAX
VIRUSES BY OTHER NAMES
PROGRAMMING VIA BIOLOGICAL ENGINEERING TECHNIQUES
MYDOOM
WORMS
KEYLOGGER
SPYWARE
HYBRIDS
ANTHRAX ON THE INTERNET
ANTHRAX CHATTER
CELLPHONE VIRUS CHATTER
VIRUS CHATTER
ANTHRAX CHATTER
MICROSOFT CHATTER
"link=bacillus"
MSBLASTER
PHISHING
SWEN
FIREWALLS
TERMS GLOSSARY
MALICIOUS SCRIPTS: THE STATE OF THE ART DELIVERY METHOD
RESOURCES: FIGHTING BACK - FREE UTILITIES
CODE RED
WHAT'S IN A NAME
MICROSOFT
NIMDA
ANTHRAX-NIMDA CONNECTION
SCRIPT KIDDIES VRS ENGINEERS
THE UNLIKELY LADDS
VIRUS ALLERTS
IDENTITY THEFT
HEADS OFF
HEADSUP


TOPICS:News/Current Events
KEYWORDS:CYBERSECURITY; HACKERS; HOMELESSSECURITY; MICROSOFT; WARNING; WINDOWS
This is getting serious, folks!
1 posted on 08/01/2003 4:36:03 PM PDT by Sen Jack S. Fogbound

To: Sen Jack S. Fogbound
Windows: just another pane in the glass.
2 posted on 08/01/2003 4:44:31 PM PDT by Excuse_My_Bellicosity (Stop the violins!! Visualize whirled peas...)

To: Sen Jack S. Fogbound
Windows vulnerable to attack

Hardly breaking news......

3 posted on 08/01/2003 4:45:19 PM PDT by AntiGuv (™)

To: Sen Jack S. Fogbound
Stupid is the word. You'd think that Microsoft would spend more of their profits on code audits so that they could head this stuff off at the pass. Or perhaps their bloated code is just so convoluted and poorly thought out that it would take an infinite number of highly skilled programmers to find the problems and fix things. Windows popularity is larger than anything else out there that you'd think they'd identify problems very quickly, but I guess lack of publicly available source code makes all the difference. One thing is for certain, Microsoft needs to read newspapers more.
4 posted on 08/01/2003 4:45:31 PM PDT by dr_who_2

To: dr_who_2
Windows popularity is larger than anything else out there that you'd think they'd identify problems very quickly, but I guess lack of publicly available source code makes all the difference.

I think you are full of it. They do identify problems quickly. Many past exploits have been based on a published FIX for a problem. Admins and users don't update their systems diligently. And anti-MS zealots are suspicious of auto-update, which deals with the lazy admin problem. Open source makes very little difference here. Holes are still being found in old open sourced code.

5 posted on 08/01/2003 4:53:37 PM PDT by old-ager

To: Sen Jack S. Fogbound
My Fortune 500 company e-mailed us and told everyone to stand down and wait for their own IT brainiaks to review the situationn. No MS patch downloads permitted until there is a review.

Private industry apparently doesn't need to take heed of Tom Ridge's warnings.

Who's right?

6 posted on 08/01/2003 4:54:42 PM PDT by Milwaukee_Guy (The Law of Unintended Consequences - No Good Deed Shall Go Unpunished.)

To: Sen Jack S. Fogbound
Microsoft has also advised customers to protect their network with a firewall.

This is getting serious, folks!

I know of no legit company that connects to the internet without a firewall. This is just more blather, if you have a system or a network on the net it is vulnerable, no matter what OS you use. If you don't want it hacked unplug it from the net.
7 posted on 08/01/2003 5:00:44 PM PDT by Crusader21stCentury

To: Milwaukee_Guy
My Fortune 500 company e-mailed us and told everyone to stand down and wait for their own IT brainiaks to review the situationn. No MS patch downloads permitted until there is a review. Private industry apparently doesn't need to take heed of Tom Ridge's warnings. Who's right?

Probably not your IT department. Speaking for my Fortune 500, the IT department arrives in a short bus. As an overhead department, whose expense could entail a slight impact on a worthless VP's bonus, they buy CHEAP. They make a point of hiring brainiacs who have been picked over and left by everyone else, recent tech school grads who stay only long enough to gain some experience before being starved out and bolting. The ones who remain to become "Senior" are the ones who could not get hired for better positions elsewhere.

I locked them out of my BIOS last year, and have the only machine that always boots Monday Mornings. They whine, and say, "It's not your computer"...Well, it isn't theirs, either.

Your mileage may vary..there very well might be companies out there who demand the best employees..After all, ours are escaping SOMEWHERE!

8 posted on 08/01/2003 5:04:50 PM PDT by Gorzaloon (Contents may have settled during shipping, but this tagline contains the stated product weight.)

To: Milwaukee_Guy
I think I'd listen to your IS folks before Tom Ridge...
9 posted on 08/01/2003 5:08:48 PM PDT by BeerSwillr

To: Sen Jack S. Fogbound
Both of your links link to:

Document Not Found Sorry, the requested document does not exist on this server.

Are you SURE this article isn't perhaps a joke or malicious page just to scare people and/or sell software?

10 posted on 08/01/2003 5:09:15 PM PDT by EggsAckley

To: Crusader21stCentury
I know of no legit company that connects to the internet without a firewall.

The link to the info does not come up for me, at least at the moment.

However, many of the new viruses can tunnel through a firewall in ways that are difficult for a firewall to block, yet still pass legitimate traffic.

11 posted on 08/01/2003 5:25:12 PM PDT by ikka

To: Sen Jack S. Fogbound
The federal government says there is new evidence that an attack is being planned on computers using Microsoft's Windows.

Aren't these the same guys who try and grab our guns and leave our borders wide open? I'd think they'd have better things to do...

12 posted on 08/01/2003 5:28:11 PM PDT by TomServo ("One good thing about the apocalypse -- always plenty of parking.")

To: Gorzaloon
I was holding back. You speak truth Kimosabee.

I too have the only network PC that actually works and won't let an IT guy touch it.

Not that I'm all that good. Our IT guys are unfortunatly pretty low on the food chain.

VP salaries are the reason we all exist now....
13 posted on 08/01/2003 5:39:36 PM PDT by Milwaukee_Guy (The Law of Unintended Consequences - No Good Deed Shall Go Unpunished.)

To: Milwaukee_Guy
Not that I'm all that good. Our IT guys are unfortunatly pretty low on the food chain.

Oh, I figured all our good ones were going to YOUR place!

I do not consider myself a guru with computers, but in the land of the Blind, the One-Eyed Man is King.

14 posted on 08/01/2003 6:14:56 PM PDT by Gorzaloon (Contents may have settled during shipping, but this tagline contains the stated product weight.)

To: Sen Jack S. Fogbound
U.S. says Windows vulnerable to attack

And gee, it only took Nimda, Code Red (I & II), Melissa, ILOVEYOU, the MS-SQL Slammer worm, and about an @$$load of other viruses, trojans and worms to recognize this.

Good call, guys. Next thing you know, you'll be telling us that rain is wet and sugar's sweet.

-Jay

15 posted on 08/01/2003 6:26:15 PM PDT by Jay D. Dyson (But I can't get nothin' that can be bought, so I'll just live with what I got... Lord, forgive me.)

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

 
 

Microsoft Announces Anti-Virus Reward Program

Microsoft Teams With Worldwide Law Enforcement to Root Out Malicious Code Distributors With $5 Million Reward Fund as a Part of Broader Security Initiative

Microsoft senior vice president and general counsel Brad Smith joins senior law-enforcement officials at a briefing on the Microsoft Anti-Virus Reward Program in Washington D.C., Nov. 5.
Microsoft senior vice president and general counsel Brad Smith joins senior law-enforcement officials at a briefing on the Microsoft Anti-Virus Reward Program in Washington D.C., Nov. 5.
Click image for high-res version.

WASHINGTON -- Nov. 5, 2003 -- Microsoft Corp. today announced the creation of the Anti-Virus Reward Program, initially funded with $5 million (U.S.), to help law enforcement agencies identify and bring to justice those who illegally release damaging worms, viruses and other types of malicious code on the Internet. Microsoft will provide the monetary rewards for information resulting in the arrest and conviction of those responsible for launching malicious viruses and worms on the Internet. Residents of any country are eligible for the reward, according to the laws of that country, because Internet viruses affect the Internet community worldwide.

As part of the Reward Program, Microsoft announced the first reward in the amount of a quarter-million dollars (U.S.) for information leading to the arrest and conviction of those responsible for unleashing the MSBlast.A worm. Although two arrests were made in connection with the B and C variants of the MSBlast worm, those responsible for releasing the original worm this summer remain at large. The worm was designed to attack Microsoft’s www.windowsupdate.com Web site, which provides fixes for vulnerabilities and helps protect users against malicious attacks.

Microsoft offered a second quarter-million-dollar reward for information that results in the arrest and conviction of those responsible for unleashing the Sobig virus. This virus, the first variant of which was detected Jan. 10, 2003, attacked individual machines and e-mailed itself to each e-mail address in the computer’s contact list. The Sobig.B and Sobig.C variants of the virus made messages appear as if they had come from official Microsoft e-mail addresses. No arrests have been made in connection with the Sobig virus.

"Malicious worms and viruses are criminal attacks on everyone who uses the Internet," said Brad Smith, senior vice president and general counsel at Microsoft. "Even as we work to make software more secure and educate users on how to protect themselves, we are also working to stamp out the criminal behavior that causes this problem. These are not just Internet crimes, cybercrimes or virtual crimes. These are real crimes that hurt a lot of people. Those who release viruses on the Internet are the saboteurs of cyberspace, and Microsoft wants to help the authorities catch them."

Partnership Program With Law Enforcement

Representatives of three law enforcement agencies, the Federal Bureau of Investigation (FBI), the Secret Service and Interpol, today joined Microsoft at the National Press Club news conference, where the company provided details of the reward program.

"The malicious distribution of worms and viruses, such as MSBlast and Sobig, are far from victimless crimes," said Keith Lourdeau, Acting Deputy Assistant Director of the FBI Cyber Division. "Such attacks on the Internet cost businesses worldwide millions — some estimates claim billions — of dollars and wreak havoc on individuals by ruining files, hard drives and other critical data. We intend to vigorously pursue the perpetrators of these crimes, and we hope to see additional industry-government collaboration to identify these individuals."

"Not only are we concerned with apprehending those individuals who commit computer crimes but also in limiting the damage done by these criminals to private industry and the public," said Bruce Townsend, deputy assistant director of investigations at the Secret Service. "By working together, the public, the private sector and law enforcement can combine their resources to effectively combat computer-based crimes like the MSBlast.A worm and Sobig virus."

"Interpol is particularly interested in fighting the malicious spreading of viruses because this represents truly borderless crime that requires a truly global response, a global collaboration between police and private industry," said Interpol Secretary General Ronald K. Noble, at the organization’s headquarters in Lyon. "This Microsoft reward program is an opportunity to continue building effective relationships between the world’s police and the private sector in order to prevent and prosecute cybercrime."

Individuals with information about the MSBlast.A worm or the Sobig virus, or any other worms or viruses, should contact the following international law enforcement agencies:

  • International/Interpol: via the Interpol National Central Bureau in any of Interpol’s 181 member countries or at http://www.interpol.int/
  • FBI or Secret Service: via any local field office
  • The Internet Fraud Complaint Center: at http://www.ifccfbi.gov/

Microsoft has made security a top priority and is committed to developing the most secure software possible and making it easier for customers to protect themselves against attacks launched by malicious law breakers. Over the past year, the company delayed several product development projects to provide intensive training for more than 18,000 developers on how to write more secure code. The company has taken numerous steps to alert users to possible vulnerabilities and steps they can take to protect themselves, including the recent "Protect Your PC" campaign. This information is available at http://www.microsoft.com/protect/. While working hard to improve the security of its software, Microsoft also cooperates with

international, federal and state law enforcement to help bring the perpetrators of these attacks to justice.

Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services and Internet technologies for personal and business computing. The company offers a wide range of products and services designed to empower people through great software —
any time, any place and on any device.

Microsoft is a registered trademark of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

 

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at http://www.microsoft.com/presspass/ on Microsoft's corporate information pages. Web links, telephone numbers and titles were correct at time of publication but may since have changed. For additional assistance, journalists and analysts may contact Microsoft's Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.asp.

 
 

U.S. says Windows vulnerable to attack

Published: August 1, 2003, 7:46 AM PDT
 

The federal government says there is new evidence that an attack is being planned on computers using Microsoft's Windows.

The Department of Homeland Security issued an updated advisory this week about possible hacker attacks on computers running Microsoft operating systems. The advisory warns that several working exploits are now in widespread distribution on the Internet.

"These exploits provide full remote system level access to vulnerable computers," the advisory states.

Microsoft issued a patch to plug the hole two weeks ago.

No worm code has been reported so far. But the Homeland Security Department said there is evidence to show an increase in searches for vulnerable computers on the Internet over the past week. This reinforces the urgency to install patches on computers that use Windows operating systems as soon as possible, the advisory said.

The warning comes after hackers from the Chinese X Focus Security Group forwarded source code to several public security lists. The code is designed to allow an intruder to enter Windows computers. Microsoft has also advised customers to protect their network with a firewall.

 
 

U.S. says Windows vulnerable to attack

By

CNET News.com Staff


August 1, 2003, 7:46 AM PT


The federal government says there is new evidence that an attack is being planned on computers using Microsoft's Windows.

The Department of Homeland Security issued an updated advisory this week about possible hacker attacks on computers running Microsoft operating systems. The advisory warns that several working exploits are now in widespread distribution on the Internet.

"These exploits provide full remote system level access to vulnerable computers," the advisory states.

Microsoft issued a patch to plug the hole two weeks ago.

No worm code has been reported so far. But the Homeland Security Department said there is evidence to show an increase in searches for vulnerable computers on the Internet over the past week. This reinforces the urgency to install patches on computers that use Windows operating systems as soon as possible, the advisory said.

The warning comes after hackers from the Chinese X Focus Security Group forwarded source code to several public security lists. The code is designed to allow an intruder to enter Windows computers. Microsoft has also advised customers to protect their network with a firewall.


Free Republic
Home Browse Search
News/Activism
Topics Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2003 Robinson-DeFehr Consulting, LLC.

HOME