Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
 ·Shaw
| reply to daveinpoway
Re: Storm worm seems to be fading away
OK so what I'm interested in here is why is this fading away, what are the causes for its growth and subsequent shrinkage? Was the growth due to slow AV detection, delays in signature distribution, masses of unprotected systems, or what? Whatever it those reasons are they apparently are being fixed as the number of infected systems is dropping.
As far as the reduction I found this statement to be a bit frightening:
Then on September 11, Microsoft added Storm detection (Microsoft's name for Storm's components is Win32/Nuwar) into its Malicious Software Removal tool, which ships with every Windows system. Overnight, Storm infections dropped by another 20 percent.
This implies that 20% (aprox) of the infected systems have no virus protection and are dependent on Microsoft's Malware removal tool for their protection. What about any infected systems after Microsoft updated the Malware removal tool, as that means that they don't have updates enabled or otherwise didn't checked for or apply updates from Microsoft which is scary in its own right.
Once again patching technology is easy, patching people isn't.
Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI | That all being true then maybe Microsoft via it's Malicious Software Removal tool ought to do a check for an active AV on the installed machine & display a nag screen to install one when one isn't found. |
|
daveinpoway
Premium
join:2006-07-03
Poway, CA
| XP has a Security Center that displays a warning if it detects things like your AV definitions being out of date, firewall turned off and so forth; I can't recall for sure, but I believe this feature was added in SP 2. Obviously, there will be clueless folks out there who are running older, unsupported versions of Windows or who ignore the security warnings. |
|
