One Windows Worm, One Week, and Possibly 250,000,000+ New Windows Zombies

Dr. Roy Schestowitz

2009-01-22 11:14:23 UTC
Modified: 2009-01-22 11:14:23 UTC

Time for urgent "Change"

THIS IS A HUGELY important issue that we tracked a few days ago. We already knew that almost 1 in 2 Windows PCs had become zombie PCs, but it keeps getting worse. According to this report, as many as one in three Windows PCs may have been occupied by one single worm in a matter of just days! That's how serious it is.

The computer worm responsible for the biggest attack in years has infected at least 1 out of every 16 PCs worldwide, a security company said Wednesday, and may have managed to compromise as many as nearly 1 in 3.

This may be the right time to contract law-makers or regulators and make a request for new laws to be applied to bad platforms that can leave people dead.

The victims of this latest storm are so many and the BBC says that even a UK-based Fire and Rescue service is downed by its use Windows, which came under virus attack.

Strathclyde Fire and Rescue has said its IT network has "come under attack from a computer virus".

Once again, this is costing lives.

Vista and Vista 7, as we pointed out a few days ago, are not immune. It's more of the same.

Windows worm trickery for Vista

The Conficker virus has opened a new can of worms for security experts.

Drives such as USB sticks infected with the virus trick users into installing the worm, according to researchers.

Microsoft would like naive reporters to propagate the perception that this could happen to anyone, but it was Microsoft itself that said: "Our products just aren't engineered for security." Well, now they find out? ⬆

Comments

David Gerard

2009-01-22 14:50:13

I'm quite pleased to see that press articles I've seen on the subject make it clear this is a Windows problem, not one that affects all computers.

(One story suggested in the headline it would affect Linux systems running Wine - which is a real concern, as Wine is good enough to run most worms - but the end of the story asked if anyone had seen Conficker running in Wine and could verify it actually did anything. ?!)
Roy Schestowitz

2009-01-22 15:27:13

That's like saying that the chef is dangerous because he carries a knife (for chopping carrots and stuff).
David Gerard

2009-01-22 15:38:23

Well, yeah. It's quite easy for an app to break out of its WINEPREFIX (referred to as "bottles" in CrossOver), so Wine-aware malware could certainly trash your home directory, try to read your Firefox passwords, etc. (This is not easy to reliably secure against, and the Wine project isn't bothering to try. If you really want to run toxic waste in Wine, create a new user and do it there.) However, much like theoretical Mac OS X or Linux viruses, there remain 0 examples in the wild.
David Gerard

2009-01-22 15:39:07

The key point was, the article was basically an attention-grabbing headline that was actually a complete lie. Ad-banner trolling.
Roy Schestowitz

2009-01-22 15:44:10

Which article?
David Gerard

2009-01-22 20:25:41

This one:

http://network.itproportal.com/articles/2009/01/21/linux-windows-7-beta-could-be-hit-downadup-worm/

Page 1: "Furthermore, there are rumours that even Linux could be affected by the Worm if they run Wine, an application that allows Linux to execute programs written for the Windows environment. In theory, the virus would only affect the Windows partition rather than the whole operating system."

Page 2: "It would be great if someone could confirm the Linux rumours and Wine's autorun.inf capabilities."

i.e. we made up some rubbish to give a splash headline.
Roy Schestowitz

2009-01-22 20:30:00

Extra extra!

Chef Could Murder Waiter

Page X: “It would be great if someone could confirm the chef cut the waiter and not onions.”
Yggdrasil

2009-04-01 00:18:14

Where exactly do you get this figure of 250 million? That number is 100 million more than the total number of Internet users in the United States alone. One of your references from Panda Security suggests rates anywhere from 1 in 16, all the way to 1 in 3. Why so high? Because as the article states, Panda security based this data on machines that had come to the website to have their machine scanned. Imagine the percentage of people who go to the doctor due to symptoms of illness, you might find a high percentage who are sick. Everything else was pure speculation, with little hard evidence. While, I'm not surprised you use the worse figure you could find, I'm surprised you don't better analyze the sources you use to test their integrity. This reflects poorly on you.

Late January, UPI reported 15 million Conficker infections:

http://www.upi.com/Top_News/2009/01/25/Virus_strikes_15_million_PCs/UPI-19421232924206/

But the real nitty gritty from the article is here:

"Symantec noted on its blog last week that very few computers in North America had been infected, a trend which it attributed to the greater prevalence of legal and fully patched software."

In several other places on this site you note that there is no way to be safe with Windows, yet as the article shows, legitimate installed were not affected. Not only because security updates are downloaded, but since XP SP2 the Windows Firewall is enabled by default.

While you dispute the obscurity of Linux on the desktop, it's interesting to note that even popular distros like Ubuntu do NOT have a firewall enabled be default. This is unwise, regardless of how many countless security updates are installed.

One Windows Worm, One Week, and Possibly 250,000,000+ New Windows Zombies

Windows worm trickery for Vista

Comments

Chef Could Murder Waiter

Recent Techrights' Posts