Viruses exploit Microsoft patch cycle
Takeaway: Are MyDoom offshoots an attempt to throw Microsoft off-balance?
Stay on top of the latest tech news with our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!By
Munir Kotadia
ZDNet Australia
The creators of the latest MyDoom variant, which exploits a recently discovered iFrame vulnerability in Internet Explorer, may have timed the release of the viruses to throw Microsoft's monthly patch cycle into disarray, security experts say.
In its latest monthly update on Tuesday, Microsoft was not able to fix a serious vulnerability in the Internet Explorer browser because the flaw was discovered only a few days before the company's regular update was due. The two variants of the MyDoom virus were released earlier this week, leaving the software giant without any option but to ignore the problem--for now.
Sean Richmond, senior technology consultant at Sophos Australia, told ZDNet Australia that it would have been impossible for Microsoft to create and test a reliable patch in four days--the time between the vulnerability being published and Tuesday's patch update.
"To release a stable patch for IE would be impossible (in that time) because they want to test it thoroughly before it goes out," Richmond said. "The monthly patch cycle was designed to make it easier for system administrators to schedule their updates, but a few days is just not enough time for Microsoft create and test a patch."
Ben English, security team leader at Microsoft Australia, told ZDNet Australia that Microsoft advocates a process of responsible disclosure and is "very keen" to discover any vulnerabilities before they are made public.
"The reasons are very obvious. We would not disclose any info about a vulnerability till we have mitigation in place," English said. "The worst scenario for us is that we release an update which has quality problems. We believe the downstream problems of releasing patches too quickly are even more serious than not putting in the quality that they deserve."
English would not comment on whether Microsoft thought the timing of the worm's and the vulnerability's disclosure was malicious, but he said that if the problem were serious enough, the company would break its patch cycle to plug the gap.
"In terms of the timing, I have no comment on whether there is malicious intent," he said. "But in a sense, it is academic because if this is a serious vulnerability and we have a patch available, we will release it out of cycle."
The MyDoom virus, also referred to as a worm, has been dubbed Bofra by some antivirus firms.
Munir Kotadia of ZDNet Australia reported from Sydney.
Print/View all Posts Comments on this article
 Viruses exploit Microsoft patch cycleNewsletter Editor  | 11/11/04 |
  Well to be fairHAL 9000 | 11/11/04 |
| Hopefully Microsoft will adapt...Ian Mclaws | 11/11/04 |
 Ian do you remember just why M$ stopped doing this?HAL 9000 | 11/11/04 |
| do you care why M$ stopped???madmadjohn | 11/11/04 |
SponsoredWhite Papers, Webcasts, and Downloads
- The OSI Model: Understanding the Seven Layers of Computer Networks Global Knowledge
- Simple Tricks to Ace the Subnetting Portion of Any Certification Exam Global Knowledge
- Using the Six Laws of Persuasion in Negotiations Global Knowledge
- 2007 IT Salary and Skills Survey: What Impacts Salaries? Global Knowledge
- ITIL: What It Is and Why You Should Care Global Knowledge
Article Categories
- Security
- Security Solutions, IT Locksmith
- Networking and Communications
- E-mail Administration NetNote, Cisco Routers and Switches
- CIO and IT Management
- Project Management, CIO Issues, Strategies that Scale
- Desktops, Laptops & OS
- Windows 2000 Professional, Microsoft Word, Microsoft Excel, Microsoft Access, Windows XP,
- Data Management
- Oracle, SQL Server
- Servers
- Windows NT, Linux NetNote, Windows Server 2003
- Career Development
- Geek Trivia
- Software/Web Development
- Web Development Zone, Visual Basic, .NET
