As the net burns, Microsoft remains silent

Ok, it's been 20+ hours since the Microsoft SQL Server worm went active as reported here on Slashdot. This worm takes advantage of an exploit that was publicized last July by NGSSoftware. Fortunately, Microsoft has a service pack for it -- Service Pack 3 specifically. Which just happened to be released last week. Timely.

Now you'd think Microsoft would have something to say to their customers about all this, since an exploit in their software practically brought the Internet to its knees. But the Microsoft home page says nothing about it. They're too busy touting a new game they've made, tips on how to get your customer's email address and ironically, a whitepaper on how to build and configure more secure web sites. Even their Microsoft Security and Privacy site says nothing about the SQL Server worm.

Maybe they think if they just ignore it, it will go away. Or perhaps they feel that since the service pack is out there, shame on you for not installing it. Well, while those of you that have been afflicted with this worm install the service pack, you can read Bill's report: "Security in a Connected World".

Dave Winer is tickled pink that the independent web documented all this faster and better than the traditional media did. But it's sad that Microsoft hasn't written a word about it -- at least so far as I've seen anyway. And as some of the Slashdot readers have already asked -- why isn't SQL Server supported by Windows Update? They have a pretty good software update system in place for Windows (which SQL Server requires naturally), but they only use it for Windows itself. Why not all the other installed Microsoft products. What a waste. There are tons of Microsoft patches to install -- the least they can do is make it easier to stay current.

TrackBack

TrackBack URL for this entry:
http://bradchoate.com/mt/feedback/tb/544

Listed below are links to weblogs that reference As the net burns, Microsoft remains silent:

» Fingiendo Demencia from Afrael
Para muchos es noticia del pasado lo del ataque del gusano a todos los servidores con software Microsoft, IIS [Read More]

» Fingiendo Demencia from Afrael
Para muchos es noticia del pasado lo del ataque del gusano a todos los servidores con software Microsoft, IIS [Read More]

2 Comments

Good grief Brad! This is business as usual for Microsoft. Actually making things simpler or more secure for the end-user has never been official Microsoft practice no matter what their literature (or sales department) claims. Does any of this actually surprise you?

Chris said:

I agree--this is what certain companies are all about.

About

This article was published on January 25, 2003 8:47 PM.

The article previously posted was Syndirella.

The next article is Syndirella wish list.

Many more can be found on the home page or by looking through the archives.

Powered by Movable Type