Windows Update DOS attack imminent

As the world's Windows system administrators scramble to limit the damage from the Blaster virus, Microsoft itself is facing the countdown to August 16 when those unpatched machines will launch a denial of service (DOS) attack against the Windows Update site.

As the world's Windows system administrators scramble to limit the damage from the Blaster virus, Microsoft itself is facing the countdown to August 16 when those unpatched machines will launch a denial of service (DOS) attack against the Windows Update site.

Infected machines will all try to launch a DOS attack on the Windows Update site every day from August 16 to the end of the year and then again every year from August 16 on. Microsoft has yet to announce how it will deal with the attack and what customers of the service can do to continue to get upgrades if the system is constantly busy.

Microsoft partners in New Zealand don't typically use the Windows Update site for their own customers and so shouldn't be affected by the DOS attack.

Auckland-based system integrator Gen-i CEO Garth Biggs says if worst comes to the worst there are alternative ways of getting the latest software from Microsoft.

"If we have to we'll get someone to go over to the Microsoft office and borrow the disk."

Biggs says Gen-i takes a proactive approach to patches and upgrades and downloads them early.

"And [we] do some quality assurance work before releasing them to our customers."

Wellington-based Microsoft developer Intergen also doesn't make much use of the automatic update site, says managing director Tony Stewart.

"As a premiere partner we use a different site for upgrades and then we generally use it only for operating system upgrades."

Stewart says anyone running Windows XP should enable the firewall or face being deluged with port 135 probes from infected machines. Broadband customers especially are vulnerable as well, he says.

"Those with DSL routers will be OK but those DSL modems typically ship with their ports wide open."

The same is true, he says, for TelstraClear customers using the fibre network in Wellington or Christchurch.

Auckland-based IT solutions company Axon, which boasts the Parliamentary Service among its customers, also uses a different system for receiving upgrades from Microsoft according to chief executive Matt Kenealy.

"With our managed customers we've gone in to check to make sure everything's in place and our non-managed customers are notified when we get something from Microsoft and we put information up on the site and that sort of thing."

Microsoft's patch is available here and while the software giant has a freephone number (0800-800-004) for help in New Zealand, this number is so overloaded at the moment that users can't get through to support personnel.

Microsoft New Zealand enterprise and partner group director Terry Allen was not immediately available for comment.

Join the newsletter!

Error: Please check your email address.

Tags blaster

More about Axon SolutionsMicrosoftTelstraClear

Show Comments
[]