The threat was a bit overrated, or at least that's not
the kind of threat this was. Vulnerabilities like
this are unlikely to become a worm with the widespread
impact of a Blaster, Slammer or Sober because it
doesn't spread from PC to PC via a listening network
service. I suppose if a prolific, time tested email
worm like Sober had taken the WMF vulnerability and
used it to install a proxy / DDoS Trojan, it could
maybe have spread more widely with more damage caused.
There were rumors of hundreds of thousands to millions
of systems being infected; those rumors were probably
incorrect. Antivirus may have done a better job at
protecting against this than people expected. AV
vendors reported hundreds of thousands to millions of
WMF exploit files being detected and blocked. I
believe there were lots and lots of infection
attempts, just not lots and lots of infected systems.
The exact same thing happened with Download.ject last
year. There was lots of panic and screaming, but few
systems were actually infected. Microsoft stated that
their "intelligence" showed this to again be true this
time around, but their statement was generally laughed
at. Given that they offer a free phone number for
helping any customer with any infection problems, I
would expect Microsoft to have at least some insight
into this.
kind regards,
karl levinson
> -----Original Message-----
> From: pejman.gohari_at_gmail.com
[mailto:pejman.gohari_at_gmail.com]
> The WMF threat was and continues to be important.
> But I’m curious to know why we didn’t observe any
important
> attack on Internet?
> No BOT virus deployed? No DOS worm attack? …
>
> Any hypothese / explanation ?
__________________________________________
Yahoo! DSL – Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
Received on Jan 11 2006
Intro
