Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Widespread Windows infection?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

____/ Richard Rasker on Sunday 14 December 2008 16:22 : \____

> I guess it's just been Patch Tuesday again -- as no less than four people I
> know contacted me in the past few days about their Microsoft crapware
> having succumbed once again to some Trojan or other, and several more
> complaining about their machines having become even slower than usual all
> of a sudden ... From what they told me, it was a simple matter of
> "click-oops" in all cases, and they were all using up-to-date antivirus
> software.
> Is there something out there affecting over lots of Windows machines right
> now? If so, I think I'll reserve a little more time the next few days for
> extra Linux installs (with two new installs scheduled for tomorrow alone).
> 
> Perhaps we should rename "Windows Patch Tuesday" to "Linux Install
> Wednesday" ...
> 
> Richard Rasker

Isn't there a "zero-day Wednesday"? One day after the patches arrive a new
0-day is usually scheduled to surface in the form of attacks that make
botnets.

Here's how the cycle goes:

   1. Many flaws get reported, accumulated, and then mostly ignored
   2. Attacks on the unpatched flaws begin, so Microsoft ‘kindly’ bothers to
work on patches in a rush
   3. Patch Tuesday arrives and Microsoft delivers a slew of patches
(occasionally delivering nothing critical for bragging rights in the press,
only to deliver a massive number of critical patches the following month, i.e.
deferral)
   4. Patches arrive too late, after many servers and desktop have already been
hijacked
   5. A number of zero-day flaws emerge, some of which exploiting
vulnerabilities Microsoft has been aware of for a long time
   6. Patches turn out to be dysfunctional and consequently many computers are
left out of services
   7. Microsoft reworks the patches and then delivers a patch to the broken
patches
   8. Repeat (1)

         [ http://boycottnovell.com/2008/12/11/microsoft-patch-cycle/ ]


- -- 
                ~~ Best of wishes

Roy S. Schestowitz      | Here be hills, there be dragons!
http://Schestowitz.com  |    RHAT Linux     |     PGP-Key: 0x74572E8E
 19:20:01 up 60 days,  3:38,  2 users,  load average: 1.70, 1.45, 1.15
      http://iuron.com - Open Source knowledge engine project
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAklFXY4ACgkQU4xAY3RXLo5PLgCfUG31Piz9BtUG92Z8xSrAOphQ
wNEAn1YC7n6XcpRJkfJs+RrXeIqdIrRX
=AQdj
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index