15 Aug 2003
Microsoft extinguishes Windowsupdate.com website - attempts to sidestep Blaster worm attack, Sophos comments
According to media reports Microsoft has confirmed that it has
decided to kill off its Windowsupdate.com web address. The website
was due to suffer a denial of service attack on 16 August by
computers infected by the W32/Blaster-A worm.
Sean Sundwall, a spokesman for Microsoft said: "One strategy for
cushioning the blow was to extinguish Windowsupdate.com. We have no
plans to ever restore that to be an active site."
According to Microsoft, consumers can update their computers by
visiting the web address http://windowsupdate.microsoft.com or the main
Microsoft website page at http://www.microsoft.com where
information is available on downloading patches as well as advice
on setting up firewall protection.
"Users should not think this step means they no longer have to
do anything about the Blaster worm," said Graham Cluley, senior
technology consultant for Sophos Anti-Virus. "All computer users
still have a responsibility to ensure this worm has no hiding place
on their PCs. So, install the patch from Microsoft, ensure your
firewall is properly configured, and confirm your anti-virus is
up-to-date. Once that is done take this weekend considering how you
can run your computer more securely in the future."
Sophos believes that every IT manager responsible for security
should consider subscribing to vulnerability mailing lists such as
that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.asp.
Other vendors offer similar services.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.