|
| The worm exploited a Microsoft vulnerability,
allowing hackers to take remote control of PCs. |
A web poll of more than 1,000 business PC users1, conducted by Sophos, has revealed that despite
Microsoft releasing a security patch and warning in advance, 35% of
respondents feel the software giant should shoulder the blame for
the recent worm attacks against businesses across the globe. The
worms exploit a newly discovered
vulnerability in Microsoft's code.
Systems administrators are also feeling the wrath, with 20% of
respondents blaming them for not patching systems quickly enough.
45% hold the virus writers responsible for the 19 worms, which all
take advantage of the same flaw.
"The majority of users believe that the virus writer has to take
the ultimate blame for deliberately creating and unleashing this
worm to wreak havoc on poorly protected businesses," said Graham Cluley, senior
technology consultant at Sophos. "But what is most surprising is
that so many people blame Microsoft for having the software flaw in
the first place. Users' anger is perhaps understandable as
Microsoft's security problems and their consequences are felt by
businesses the world over. Many respondents appear to be incredibly
frustrated by the constant need to roll-out emergency patches
across their organizations."
Sophos believes that Microsoft faces a considerable challenge in
its aim to present itself as a security company. Indeed, another
recent survey carried out by Sophos shows that only 28% of
respondents rated Microsoft as their most trusted operating system
when it comes to security, while 47% believe Linux and Unix are the
most secure.
"Microsoft is stuck between a rock and a hard place when it
comes to vulnerabilities," continued Cluley. "When it goes public
about its security holes, a virus can be written to exploit them
and many businesses may not have rolled out the patch. If it kept
quiet, someone could still write a virus and everyone would ask why
Microsoft hadn't warned anyone of the vulnerability. In either case
these flaws are going to be an ongoing problem as Microsoft tries
to convince people it's a serious player in the security
market."
In the last twelve hours Sophos has detected and protected
against seven more worms which exploit the same vulnerability -
bringing the total amount to 19, all of which attempt to slip
through the same hole to infiltrate businesses and seize control
over innocent users' PCs. Businesses which have been hit hard in
the last few days include CNN, Financial Times and New York
Times.
Sophos stresses that it is vital all businesses ensure they are
properly patched against Microsoft security holes and protect all
tiers of their organization with automatically
updated anti-virus software to reduce the risk of
infection.
-
1005 respondents. Poll conducted by Sophos
between 10:39 17 August and 12:56 18 August, 2005
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.