Witty Extinction
Kelly Martin, 2004-04-07

The Witty worm set a dangerous precedent on the Internet because it introduced a number of evil new "firsts" in the ever-changing world of modern worms and viruses.

Witty Extinction 2004-04-07
Matthew Murphy
Witty Extinction 2004-04-08
Anonymous
Witty Extinction 2004-04-08
Leonidas
Witty Extinction 2004-04-08
Anonymous Coward
Let's not allow ISS to rewrite history..... 2004-04-08
carter_ronin
The vulnerability was discovered on 8 March 04. Reported to the X-Force (ISS's research arm) on the ninth, published on 18 March 04, by everyone. The PC protection "ccg" patch wasn't available until the 19th (ten days?), and still had to be followed up days later by cch!

....do I sound pissed?
After reading "invisible's" recounting of ISS- Johan Becker's statement -- I am.

Of course this is just stacked on top of the rage I was feeling as I was WATCHING the worm blast through unchecked. I was manually blocking the IPs (five), until I unplugged from the cloud. Thinking I was experiencing a BI freeze up, I rebooted....--> payload delivery was complete.

The arrogance of a corporate officer (ISS-Becker) to dismiss affected users by stating they were not legal users is shortsighted if not repulsive.

I am a legal user, and there is no way that this could be pushed off as a zero-day event, when it was exposed ten days prior. There was no email from ISS or Product Update Icon toggled.... until AFTER the intrusion event.

Aside from the X-Force paper in the sidebar of their webpage, there was no great urgency on their part to inform their users. (I was checking the ISS site - 19, 20, 21 Mar) But I guess that is why we all accept lengthy licensing agreements. "use at your own risk, but we feel it's worth the US$50 a year."

So to the end of my RANT...
ISS, you have lost a customer... one that was legally using your BI PC protection software... checking for weekly updates in sync with my AV software... Using your stuff to wall off my piece of the cloud.

ISS, you have turned out another advocate for hardware firewalls and an outspoken opponent of any of your products through your misguided attempts at shifting blame to the user, and downplaying the extent of the total users affected...

NEXT time you have a vulnerability, show a little corporate responsibility, remember the little guy, and put in big BOLD letters on the website... HOUSTON, We have a Problem!



Sorry for the length,
Brian


Note: other BI users I know who weren't using the ccf version, went unaffected?




Link to this comment: http://www.securityfocus.com/comments/columns/232/25731#25731
DiD is the key 2004-04-09
Anonymous (1 replies)
DiD is the key 2004-04-15
Reality
Witty Extinction 2004-04-13
Anonymous
Witty Extinction 2004-04-13
Anonymous
ISS not to be blamed 2004-04-14
Mohammed Abdel Kader







 

Copyright 2009, SecurityFocus