digamma.net - notes

February 7, 2004

The NYT Gets Slammer Wrong

Posted by digamma @ 9:20 am EST

From this weekend’s New York Times Magazine article on viruses:

The Slammer worm would find an unprotected SQL server, then would fire bursts of information at it, flooding the server’s data “buffer,” like a cup filled to the brim with water. Once its buffer was full, the server could be tricked into sending out thousands of new copies of the worm to other servers. Normally, a server should not allow an outside agent to control it that way, but Microsoft had neglected to defend against such an attack. Using that flaw, Slammer flooded the Internet with 55 million blasts of data per second and in only 10 minutes colonized almost all vulnerable machines.

Wrong.

A patch was available for that vulnerability in July of 2002. Slammer hit in January of 2003. All the machines that were infected were administered by people who went six whole months without patching their servers.

Of course, if the Times was trying to make Microsoft look bad, they got some help from Microsoft further down:

Critics like Reitinger, the Microsoft security chief, are even harsher. “To me, it’s online arson,” he says. “Launching a virus is no different from burning down a building. There are people who would never toss a Molotov cocktail into a warehouse, but they wouldn’t think for a second about launching a virus.”

No different whatsoever.
