The CEO of a software house claims that the slow uptake of the Vista operating system was down to Press criticism. Speaking about the spread of the Downadup worm, Phillip Lieberman, CEO of Lieberman Software, told IT Examiner:
"The core of the problem is centered on the massive number of home users and SMB that have no IT department and don't use the automatic update feature built into Windows. This outbreak is the proof point that home users must migrate to the more secure and better designed operating systems such as Microsoft Vista and Windows 7."
Lieberman explained that newer operating systems were more secure by design, but the majority of home users and SMB organizations were incapable of managing even the most basic security aspects of their PC's. Lieberman also attributed the security lapse to a delay in the adoption of Windows Vista.
"The press has slowed adoption of Vista by relentlessly criticising it - those annoying pop-ups stop the infection. Microsoft also had the patches for the flaws months ago, but users don't (access) the update service because Microsoft is also relentlessly criticized by the press," said Lieberman.
"The ISPs refuse to block the infection traffic because they don't want the legal liability of being responsible for the content of their subscribers - a big thank you to the RIAA and MPA for handcuffing the ISPs and closing the ability to stop criminals. If ISPs stop the traffic, they will end up living in court for an eternity - can you say 'unintended consequence' and 'judicial incompetence?'"
Shavlik Technologies has warned that the stealth Downadup worm continues to infect millions of unpatched Windows machines
"Downadup is a really advanced worm - the likes of which we haven't seen in many years," Shavlik CTO Eric Schultze told IT Examiner. "Once a single machine is infected in a corporate environment, it can spread itself to all of the other corporate machines, whether they've been patched or not. Although some reports say the worm is a dud, I believe that it's simply 'sleeping' and may be woken up at a future date to execute some set of evil instructions," said Schultze.
According to Schultze, the insidious worm switches off the Windows Update service and blocks access to numerous security vendor websites. Although Shavlik's NetChk Protect has successfully shielded numerous customers from the threat, organizations that rely on agent-based patch management solutions, such as Windows Update, may be unable to apply the required MS08-067 patch on systems that have already contracted the wriggling worm.
The nefarious Conficker variant is spread via the Internet and compromised USB devices. The worm also modifies Windows firewall settings to allow access to specified, unprotected ports.
Added Lieberman: "On the other hand, it is a financial field day for the anti-virus vendors - do I still have time to buy Symantec stock?” X