The MSBlast (Blaster) virus has caused serious disruption to businesses.
Air Canada has reported that Nachi, a worm related to MSBlast, crippled its check-in and reservation systems, causing flights to be delayed and cancelled. The situation compounded the problems already seen by the airline after last week’s power outage.
The US Navy Marine Corps also confirmed that its 100,000-seat intranet was essentially unusable for a sustained period starting Monday afternoon, due to the excess traffic created by Nachi infections on its servers.
And over the weekend, spokespeople for Edwards Air Force Base in California, where the US Air Force tests its cutting-edge planes, told the Washington Times that its network had been take offline in response to MSBlast.
While poor security practices and slow patching procedures at least partly to blame for this kind of incident, more blame should lie with two other parties – the virus author who made and used the exploit, and Microsoft, which made the vulnerability.
In response to the latest high-profile spat of viruses, Microsoft said that it is considering making security patching obligatory and automated by default in future shipments of its buggy Windows operating system.
The feature could even make it into Windows as early at the next services packs for existing Windows versions. The Washington Post reported that users could opt-out of such a program, but that it would be enabled by default.
Such a program could be unpopular among enterprise users that have security-savvy technical personnel and don’t want Microsoft installing potentially buggy and disruptive software on their business-critical systems without prior testing. But it could also help keep non-technically-savvy Internet users from contributing to the spread of worms such as MSBlast and Nachi, which are causing very serious real-world problems this last week.
Source: Computerwire/Datamonitor
