New York Times: Worm hits Microsoft, which ignored own advice

John Schwartz reports on this weekend’s SQL Slammer worm — which exploited a security vulnerability in Microsoft’s SQL Server 2000. Turns out many of Microsoft’s own servers hadn’t been updated with a patch issued months ago to eliminate the problem.

“Microsoft has been blaming the users, saying they have to keep their patches up to date,” said Bruce Schneier, founder and chief technical officer of Counterpane Internet Security Inc., a company that manages security for customers. “On the other hand, their own actions demonstrate how unrealistic that position is.”

This site uses Akismet to reduce spam. Learn how your comment data is processed.