Q

Should a worm patch or push security updates?

In this expert response, Richard Brain explains why "offensive" worms should not be used to propogate patches.

Richard Brain

By

Richard Brain

Published: 08 May 2009

Should "offensive" worms be used to propagate patches? Is it safe to use code that acts like malware in order to defeat malware?

In my opinion, an 'offensive' worm should never be used to spread patches. It is a dubious practice and can create all sorts of unintended consequences.

A computer worm is normally designed to infect as many computers as possible using a number of different attack vectors, with each attack vector exploiting a certain weakness which might exist on computers -- for example, Window file shares, emails or buffer overflows in Web servers.

In carrying out the attack, it is common for the worm to replace or modify webpages with its own content so it can spread itself to more computers. The problem with all of this attacking and modifying is that websites and computers will break due to the almost infinite variation of services and webpages. The worm, when patching and modifying a website with its code, can stop the page from being displayed properly or not at all. And when attacking different vectors, it can deny service by using up resources like bandwidth -- or denying access to the service by causing it to fail.

Related Q&A from Richard Brain

Dynamic code analysis vs. static analysis source code testing

Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ,... Continue Reading

Pwn2Own results: The most secure Internet browser for enterprises

Which browsers are secure enough for enterprise use, and which should be avoided at all costs? In this expert response, Richard Brain examines the ... Continue Reading

Google cloud applications: Secure enough for the enterprise?

Google cloud applications aren't necessarily known for their security. In this expert response, learn what to watch out for when considering using ... Continue Reading

Read more on Hackers and cybercrime prevention

All
News
In Depth
Blog Posts
Opinion
Photo Stories
Videos

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

SearchCIO

Adobe, Uber on the challenges of digital transformation

Digital transformation initiatives may be all the rage in the enterprise, but they also pose significant challenges to CIOs and ...
Cloud migration failures and how to prevent them

Companies are moving more applications than ever to the cloud, but many of these initiatives fail. Learn how to avoid making your...
Achieving business value from cognitive collaboration

CIOs can take advantage of AI to improve employee and customer collaboration with cognitive capabilities that are now available ...

SearchSecurity

DevSecOps model requires security get out of its comfort zone

Shifting from DevOps to DevSecOps isn't always easy, with the transition requiring changes to culture, processes and people. ...
Exposed Docker hosts open the door for cryptojacking

Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware ...
Essential instruments for a pen test toolkit

Does your penetration testing toolkit have the proper contents? Learn the must-have tool for any pen tester, as well as specific ...

SearchNetworking

Transform network management with a network automation strategy

Enterprises can employ a network automation strategy to provide some stability for network management and monitoring. Automation,...
Network automation skills and training in demand, research finds

Surprisingly, scripting, programming and software development are not exactly the top network automation skills desired by ...
Gluware network automation update addresses OS changes

Gluware adds to its network automation platform easier management of changes to device configurations and operating systems.

SearchDataCenter

Improve server rack physical security with ISO standards

Safeguarding information access is essential to data center operations. With ISO Standard 27001 and the right locking mechanisms,...
Essential private cloud migration steps

Executive buy-in, application evaluation and tool configuration are all important parts of cloud selection. With these steps, ...
IBM quantum computers' usefulness in sight -- using binoculars

IBM's Bob Sutor discusses Big Blue's new quantum systems and computation center, the realities of quantum computing today and how...

SearchDataManagement

Databricks contributes Delta Lake to the Linux Foundation

Databricks has found a new home at the Linux Foundation for its open source Delta Lake data lake project, in a bid to help grow a...
Apache Rya matures open source triple store database

Open source triple store database technology used by the U.S. Navy moves forward as a stable, mature project at the Apache ...
PostgreSQL 12 boosts open source database performance

Widely used open source PostgreSQL database platform gets a major update providing users with new SQL query capabilities for JSON...

Close