Microsoft intervention thwarts Blaster attack

News

Microsoft intervention thwarts Blaster attack

Microsoft's removal of the windowsupdate.com domain name appears to have prevented a feared slowdown of the internet as a result of the Blaster worm.

The worm was designed to make every PC it infected go to windowsupdate.com at midnight last Friday. Along with possibly overloading that site, the attack could have affected the performance of the internet as a whole because of the simultaneous traffic it could have generated, said Lloyd Taylor, vice president of technology and operations at web performance management company Keynote Systems.

Estimates say Blaster may have infected as many as one million PCs,worldwide.

Microsoft pulled the windowsupdate.com domain, deleting the DNS (Domain Name System) information for the domain so that it no longer sends traffic to a website.

Because of that action, the worm did not have a significant impact on Internet performance. However, Microsoft's move did not prevent PCs from being infected by the worm.

In addition, variants of the Blaster worm with different effects on the infected systems have been observed on the Internet, Taylor warned.

Stephen Lawson writes for IDG News Service


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy