Microsoft has NOT shut down any of their external sites. Windows Update has been a bit slow the last couple of days, but it is definitely still running, as are the rest of their sites.
Don’t you think it would be a bit stupid to prepare for a DOS attack by shutting down the web servers ahead of time? Something comes to mind about “cutting off one’s nose…”
The only thing MS has turned off is the DNS listing for http://windowsupdate.com. This, apparently, is the address that the worm was set to attack, rather than the site to which that address automatically redirected.
The automatic Windows updating service still works, since it never pointed to that address in the first place. If you want to check manually for updates, you can go to http://windowsupdate.microsoft.com, which is working just fine (I just checked).
Note: Another program/hack/whatever that people might get due to the exploit is OXKUUKDNTQ.EXE. I just finished cleanign my friend’s computer, and it prevents the opening of msconfig and the Windows Task Manager.
To clean it, load up Windows in Safe mode, open Regedit, then click Edit, Find, and type in OXKUUKDNTQ.EXE. There are several instances of the file in the registry, so search four or five times until you get the message that the search has finished.
btw is this something you have to download and run for it infect you or are you vulnerable just being online without protection?
You’re vulnerable just being online. A firewall blocking port 135 will keep you safe from MSBlast, but you should install the patch as soon as possible.
Suburban Plankton, Early Out: Microsoft did, indeed, shut down the Windows Update service and other Microsoft external systems, including Microsoft.com. As far as I know, these systems have since been reactivated, after moving Windows Update to its new address (or deactivating the old one, whatever DNS wizardry they did). And, in fact, shutting down or null-routing servers is one of the few ways to mitigate the effects of a DDoS attack. There are far more important considerations in many cases than just keeping servers up, such as health of larger networks and bandwidth costs.
But that’s not what you said. Any cite for Microsoft “shut(ing) down their external websites, including Windows Update”? My IT Staff say that it has never been shut down, and that what Early Out said was in fact correct. And our call into Microsoft corporate support also said this didn’t happen as well.
I would not recommend people download any “official” Microsoft patch from any place other than Microsoft itself. Especially from one which brags about “insulting hairy leg lesbo feminists since 1995”. :rolleyes: That sort of violates the whole concept of “chain of control” of patches in the first place. Those who have been online for more than the last year or so might remember the issues with viruses in “official” patches and upgrades for both Windows and device drivers distributed from “unofficial” sites.
thanks Joe Random, i’m already patched. was just wondering how it worked. firewall, virushields, patches, spybots etc etc - it’s a war!
Alereon, please do not link to 3rd party sites offering direct downloads of official Microsoft patches. This is not only a security risk, but is also a violation of the license agreement. While your intention may be noble, it cannot be permitted on this board. Your post has been edited, and the link removed.
From the End User License Agreement of the Microsoft Patch:
-xash
General Questions Moderator
Anthracite: Pardon me for thinking that the simultaneous downtime of a number of Microsoft sites, including Windows Update and microsoft.com, at a time when Microsoft was known to be making network changes to resist upcoming DDoS attacks, were Microsoft’s doing. And while I agree that it is, of course, better to get patches from the source, it’s kind of hard to do that when the official site is down.
xash: Sorry, I completely forgot that there was an EULA on patches. Won’t happen again.