WinInfo Daily UPDATE, August 18, 2003

This Issue Sponsored By



1. In the News
- Microsoft Thwarts Worm Attack

2. Announcement
- Get the eBook That Will Help You Get Certified!

3. Event
- New--Mobile & Wireless Road Show!

4. Contact Us
- See this section for a list of ways to contact us.

==== Sponsor: Winternals ====

Defragging Database Volumes? Use Defrag Manager
Maybe you've heard rumors or had a bad experience with outdated defrag technology. Either way, allow us to set the record straight: Winternals Defrag Manager, the enterprise optimization tool created by Windows experts, safely and effectively defrags volumes where SQL, Exchange, or Active Directory databases reside. In fact, Defrag Manager works wonders on every drive in your infrastructure, significantly improving read/write performance and increasing volume efficiency for peak performance. Simply install it on one system to optimize your entire enterprise--automatically. Already using a competing product? Now you can save 25% when you upgrade to Defrag Manager. Learn more and sign up for a free trial CD today at:

==== 1. In the News ====
by Paul Thurrott, [email protected]

Microsoft Thwarts Worm Attack
Using a technical sleight of hand, Microsoft was able to stave off a planned Internet attack on its Windows Update Web site over the weekend, keeping the site open for legitimate users. WinInfo Daily UPDATE readers are likely familiar by now with the fact that the infamous MSBlaster worm, which compromises a remote procedure call (RPC) vulnerability in all Windows NT-based OSs, was set to launch a Distributed Denial of Service (DDoS) attack on Windows Update August 16. Microsoft says it was able to turn back that attack by changing the way the company routes computers to the Web site, and Saturday came and went without any Windows Update performance problems or downtime.
"One strategy for cushioning the blow was to extinguish the site," a Microsoft spokesperson said. "We have no plans to ever restore that to be an active site." The company deregistered's IP address with Internet-based DNS servers. By Friday morning, was effectively offline, and the site sent legitimate users to, which the company says was always the real destination; just redirected users to the longer URL. Because the worm knows only about, not the new URL, Microsoft was able to effectively stop the worm.
According to antivirus vendor Symantec, the MSBlaster worm has affected more than 385,000 computers, despite constant warnings during the past month from Microsoft, the US Department of Homeland Security (DHS), the technical press, and various security experts that users and administrators should install Microsoft's patch, which the company released in mid-July. Since that time, the intruders responsible for the MSBlaster worm were able to fashion a virulent software attack that took advantage of a vulnerability with Microsoft's RPC technology, knowing that many systems would remain unpatched and unprotected.
Sadly, many users could have averted the attack fairly easily; for example, Windows Server 2003 and Windows XP users had only to select one check box to enable the free ICF that comes with those products and prevent the worm from doing any damage. Let's hope that MSBlaster will be a turning point for Windows users and administrators; a little proactive security work can go a long way. Meanwhile, intruders are busy writing new variations of MSBlaster that will likely do more damage than the original version. You've been warned.

==== 2. Announcement ====
(from Windows & .NET Magazine and its partners)

Get the eBook That Will Help You Get Certified!
The "Insider's Guide to IT Certification," from the Windows & .NET Magazine Network, has one goal: to help you save time and money on your quest for certification. Find out how to choose the best study guides, save hundreds of dollars, and be successful as an IT professional. The amount of time you spend reading this book will be more than made up by the time you save preparing for your certification exams. Order your copy today!

==== 3. Event ====
(brought to you by Windows & .NET Magazine)

New--Mobile & Wireless Road Show!
Learn more about the wireless and mobility solutions that are available today! Register now for this free event!

==== Sponsored Links ====

FREE live trial-Backup & Disaster Recovery software w/ encryption;5945485;8214395;x?

Free Download - NEW NetOp 7.6 - faster, more secure, remote support;5930423;8214395;j?


3. ==== CONTACT US ====

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

Manage Your Account
You are subscribed as #EmailAddr#.

To unsubscribe from this email newsletter, send an email message to mailto:#mailing:unsubemail#.

To make other changes to your email account such as change your email address, update your profile, and subscribe or unsubscribe to any of our email newsletters, simply log on to our Email Preference Center.

Copyright 2003, Penton Media, Inc.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.