Q

Should a worm patch or push security updates?

In this expert response, Richard Brain explains why "offensive" worms should not be used to propogate patches.

Richard Brain

Should "offensive" worms be used to propagate patches? Is it safe to use code that acts like malware in order to defeat malware?

In my opinion, an 'offensive' worm should never be used to spread patches. It is a dubious practice and can create all sorts of unintended consequences.

A computer worm is normally designed to infect as many computers as possible using a number of different attack vectors, with each attack vector exploiting a certain weakness which might exist on computers -- for example, Window file shares, emails or buffer overflows in Web servers.

In carrying out the attack, it is common for the worm to replace or modify webpages with its own content so it can spread itself to more computers. The problem with all of this attacking and modifying is that websites and computers will break due to the almost infinite variation of services and webpages. The worm, when patching and modifying a website with its code, can stop the page from being displayed properly or not at all. And when attacking different vectors, it can deny service by using up resources like bandwidth -- or denying access to the service by causing it to fail.

This was last published in May 2009

Related Q&A from Richard Brain

Dynamic code analysis vs. static analysis source code testing

Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ,... Continue Reading

Pwn2Own results: The most secure Internet browser for enterprises

Which browsers are secure enough for enterprise use, and which should be avoided at all costs? In this expert response, Richard Brain examines the ... Continue Reading

Google cloud applications: Secure enough for the enterprise?

Google cloud applications aren't necessarily known for their security. In this expert response, learn what to watch out for when considering using ... Continue Reading

Read more on Hackers and cybercrime prevention

All
News
In Depth
Blog Posts
Opinion
Photo Stories
Videos

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

SearchCIO

Surveillance technology under fire, amid growing societal concerns

As San Francisco halts city use of facial recognition technology, CIOs could see more regulatory actions against surveillance ...
Deep learning pioneer Fei-Fei Li on the fundamentals of ethical AI

AI luminary Fei-Fei Li was among a group of distinguished AI researchers asked to share their thoughts on how to develop ethical ...
Andrew Ng's AI playbook for the enterprise: 6 must-dos

AI legend and online education pioneer Andrew Ng has developed an AI playbook for businesses. Here are six must-dos.

SearchSecurity

Microsoft bets on ElectionGuard SDK to fortify election security

Ahead of the 2020 elections, Microsoft unveiled ElectionGuard, an open source SDK designed to provide end-to-end verification of ...
10 ways to prevent computer security threats from insiders

Whether via the spread of malware, spyware or viruses, insiders can do as much damage as outside attackers. Here's how to prevent...
'BlueKeep' Windows Remote Desktop flaw gets PoC exploits

Multiple researchers created proof-of-concept exploits, including remote code execution attacks, targeting the recently patched ...

SearchNetworking

The status of white box networking in the enterprise

Despite the benefits of white box networking, most enterprises are cautious about deployment. Use these five questions to ...
Could open switches be a game-changer for your network?

Before selecting campus edge switches, consider evaluating open switches -- versus switches from a traditional vendor -- and ...
What do you know about the history of Wi-Fi?

If you ever wonder how Wi-Fi got to where it is today, this quiz takes you through the vast history of Wi-Fi, from the first ...

SearchDataCenter

How do I size a UPS unit?

Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...
How to enhance FTP server security

If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...
3 ways to approach cloud bursting

With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

The main picks for Hadoop distributions on the market

Check out the current top Hadoop distribution vendors in the market to help you determine which product is best for your company.
Inside view of Tibco integration architecture planning

Tibco's acquisitions of well-regarded, small software specialists such as SnappyData are part of a drive toward what it calls '...
Lumina launches Radiance, a data risk management platform

In an effort to prevent data loss, Lumina launched Radiance, a SaaS data risk management platform. It collects and analyzes data ...

Close