Introduction About Site Map

RSS 2 Feed RSS 2 Feed

Main Page | Blog Index

Saturday, October 29th, 2005, 3:17 pm

Microsoft and Windows Zombies

Bill Gates
Bill Gates arrested in his younger days (photo in public domain)

MICROSOFT are finally starting to investigate zombie attacks, which have been launched continuously due to vulnerability in their flagship product — the ubiquitous operating system Windows. This is long overdue and a real embarrassment as the extent of zombie attacks is growingrapidly. Not only do Windows users suffer as a result of these attacks, but the entire Web does, me included. From the article:

Microsoft is investigating 13 spam operations as part of a call to action against zombies, which are compromised computers used without their owners’ permission to send spam, launch denial-of-service (DoS) attacks, and spread worms and viruses.

Ironically enough, Microsoft attempted to fix this loophole, but did so incompletely! Their patch was flawed. So, for the past 3 weeks, my site has come under attack by over 1,000 Windows zombies per day (never less than 1,000). At some point, the strain was so high that the site and Web host reached the brink of collapse. This could only be described as Denial of Service (DoS) attack, almost leading to my site being Dead on Arrival (DoA). This has been costing me money, as well as plenty of time and distress.

I explicitly promised to mention this aspect of my activities no more. Yet, the 2 articles above sparked my emotions yet again (and Halloween is a couple of days ahead, so zombies are on topic). Why should my pocket be emptied to cover for junk traffic that is spewed out from unprotected operating systems, which were claimed to be strong and and reliable? Why is it that Webmasters are no longer in control over their own Web sites? Those affected would know exactly what I mean.

A lot of my bandwidth gets drained by zombies from all around the world. Consequently, the server slows down and log files become extremely noisy. Spammer-driven zombies are intended to ruin these logs. The effort is affordable as merely any hijacked computer can be exploited to attain brute-force attacks. The only solution is operating system cleansing. While Microsoft attempt to hunt down the spammers/attackers, I think they ought to be responsible for patch up any vulnerable machine. This includes any Internet Café where the owners are simply apathetic to critical patches.

My final message to Microsoft: You got the Internet into this mess to begin with. You made your operating system so easy to penetrate/hijack and the entire world (or a subset of it) suffers. You are now responsible for putting an end to it all and you sure have enough money to put into the necessary operations. I am tempted to use strong language, but I suppose it would be inappropriate at this time and place and would achieve nothing.

I once addressed Windows users with a friendly message on the need to patch up the operating system. If the users are unwilling to do so or find it rather difficult, Microsoft ought to step up and get involved. Otherwise, the Net would soon degrade to a sordid mess involving more and more DoS attacks. Fingers would all be pointing at Redmond and the reputation of Windows, as if it ever existed, be shattered.

Comments are closed.

Back to top

Retrieval statistics: 21 queries taking a total of 0.110 seconds • Please report low bandwidth using the feedback form
Original styles created by Ian Main (all acknowledgements) • PHP scripts and styles later modified by Roy Schestowitz • Help yourself to a GPL'd copy
|— Proudly powered by W o r d P r e s s — based on a heavily-hacked version 1.2.1 (Mingus) installation —|