Microsoft readies post-Flame Windows Update changes
Paused limited test update for Patch Tuesday, will feed more secure update client 'in a few days' to stymie Flame-like attacks
Computerworld - Microsoft will start feeding users an update to the critical Windows Update service in the next few days, several security experts said today.
Windows Update (WU) provides security patches and other fixes to Windows PCs. The service is accessed directly by consumers, and through the Windows Server Update Services (WSUS) component by enterprises.
The update was triggered by the discovery that Flame, a sophisticated, nation state-grade cyber espionage tool, had subverted WU to infect additional PCs within an already-penetrated network. The team behind Flame, which shared code with the makers of the even-better-known Stuxnet worm that sabotaged Iran's nuclear program, pulled off that first-of-its-kind hack by stealing digital certificates from Microsoft.
A week ago, Microsoft announced it would issue an update to WU to prevent copy-cats from duplicating Flame's feat. At the time, it said it would begin serving that update before the end of the week.
Microsoft did, in fact, push the update to some users last week, although it limited the scope of that audience, said researchers.
"It's done and tested, and as we understand it, has been offered to some users," said Wolfgang Kandek, chief technology officer at Qualys, in an interview.
Jason Miller, manager of research and development at VMware, said that he had heard from users who had received the new Windows Update client, and like Kandek, said Microsoft would unthrottle the update -- in other words, begin pushing it to all, or at least more, users -- "in a few days."
Microsoft also heeded calls to wait until after yesterday's Patch Tuesday to refresh WU by pausing the update, limited though it was, until users' PCs began downloading fixes for the 26 flaws the company delivered this month.
Several researchers, including Kandek and Andrew Storms, director of security operations at nCircle Security, said they had emailed contacts at Microsoft urging the company to wait.
"They released the WSUS update Friday, and started the WU update, but not everyone got it," said Kandek. "Then they put a pause on WU."
Last week, Storms had hoped Microsoft would do the smart thing, and delay the WU update until after Patch Tuesday, noting that to do different might delay some businesses deployment of the fixes.
- Cyberattacks could paralyze U.S., former defense chief warns
- The NSA blame game: Singling out RSA diverts attention from others
- Jury still out on FISA court
- Suspected China-based hackers 'Comment Crew' rises again
- Chinese hackers master the art of lying in wait
- Spy court OK'd all U.S. wiretap requests it received in 2012
- Groups denounce FBI plan to require Internet backdoors for wiretaps
- South Korea cyberattacks hold lessons for U.S.
- U.S. military networks not prepared for cyberthreats, report warns
- Return of CISPA: Cybersecurity boon or privacy threat?
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Infographic: Converged Infrastructure Benefits This Infographic quantifies the savings organizations are realizing from increased deployment speed, higher availability, and lower annual costs.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
Enhance Your Virtualization Infrastructure With IBM and Vmware
Date: Wednesday, May 14, 2014, 1:00 PM EDT
Virtualization technology is now expanding beyond the server compute elements to encompass networking and storage...
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
All Malware and Vulnerabilities White Papers |