- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Microsoft fell victim to a software vulnerability in one of its own products on Saturday, when the W32.Slammer worm infested host machines on the Redmond, Wash., company's network, flooding that network with traffic.
The company's travails with Slammer late Friday night and Saturday morning were first revealed through internal e-mail messages obtained by news agencies and reported on Monday.
A Microsoft spokesman confirmed that the Slammer worm penetrated the company's network defenses and infected a number of SQL Server databases and desktop machines.
"There were circumstances where we were not patched," said Rick Miller, a spokesman for Microsoft.
The vulnerable machines were mostly in the company's Redmond campus and concentrated in an area of Microsoft's network used by SQL Server developers, according to Miller.
In some cases, the vulnerable machines were purposely left unpatched to try to recreate specific environments for testing purposes, Miller said.
Miller said that "a high percentage" of the SQL Server hosts used by customers were properly patched and unaffected by Slammer.
Slammer temporarily interrupted the company's Windows XP activation service, but the activation server was not vulnerable. Instead, the service was brought down by a flood of Slammer-related traffic from hosts on the same subnet, Miller said.
Given the size of the company, security experts weren't surprised that some machines on Microsoft's network were vulnerable.
"It's not surprising when you consider that most people working at Microsoft are (software) developers and that a lot of development software installs MSDE (Microsoft SQL Desktop Engine)," said David Litchfield, managing director of Next Generation Security Software Ltd. and the person who discovered the SQL Server vulnerability exploited by Slammer.
Miller confirmed that infections linked to the MSDE component were a part of the company's problem, but declined to say how many servers and desktops were affected or how much of the problem stemmed from desktops with MSDE installed.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment