Microsoft Says Virus Attacked Web Server Computers (Update4)
By Erik Schatzker and Theresa Ebden
Redmond, Washington, Jan. 25 (Bloomberg) -- Microsoft Corp., the world's biggest software maker, said a computer virus is slowing access to some Internet sites by attacking servers that use versions of its SQL database software to operate Web pages.
The ``Slammer'' worm, similar to ``Code Red'' that struck about 300,000 computers in a week in July 2001, slows Web access by exploiting a vulnerability in the SQL software to make servers request data from each other. The spread is slowing and the glitch doesn't harm computers, computer security experts said.
``It increases the amount of electronic traffic on the Internet and that is causing access issue for customers,'' said Microsoft spokesman Matt Pilla. A ``wide variety'' of Microsoft customers have called the Redmond, Washington-based company to complain, Pilla said. He declined to elaborate.
Microsoft Chairman Bill Gates last year directed all employees to review the security of the company's products. Programmers were required to attend workshops on writing code that is less vulnerable to hacking and freezing without warning as part of Microsoft's effort to sell more programs for running the busiest corporate networks and Web sites.
`Non-Event'
Operators of some of the most visited Web sites in the U.S. and Europe said they have not been disrupted.
EBay Inc. spokesman Kevin Pursglove said there was no impact on the largest Internet auctioneer's traffic or operations. AOL Time Warner Inc. spokesman Nicholas Graham said ``the AOL service and network has not been affected whatsoever, across any of the properties we provide or host.'' America Online has 35 million subscribers.
The worm was a ``non-event'' for Amazon.Com Inc., the world's largest Internet retailer, said spokesman Bill Curry. ``It was just a normal day.''
Verizon Communications Inc. the second-largest U.S. provider of fast Internet access over phone lines, had some internal systems slow and they are coming back up, spokesman Mark Marchand said. ``We're using a patch that was developed this morning.'' Verizon's phone system and customers were unaffected, he said.
Glitch
Spokespeople for Deutsche Telekom AG, France Telecom SA, TeliaSonera AB, the Nordic region's biggest phone company, and Internet providers in the U.K. said there has been little impact. ``I'm not aware of any problem,'' said France Telecom spokeswoman Nilou du Castel. France Telecom owns Wanadoo SA, Europe's second- largest Internet-service provider.
The glitch spread to about 25,000 computers and the rate of infections has slowed, said Oliver Friedrichs, a senior manager of Symantec Corp.'s security response group. Symantec, the largest seller of anti-virus software, began receiving reports about the worm at 3:30 a.m. New York time.
The virus began rapidly spreading to servers running the Microsoft software by creating copies of itself, in some cases overwhelming business networks, slowing Internet service and making some Web pages inaccessible, Friedrichs said. It exploits a vulnerability for which Microsoft issued a fix about six months ago, he said. ``Right now, we're seeing more of a drop off.''
Marty Lindner, a team leader at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh, said Internet service providers have done a good job of filtering the worm out.
``It isn't having a major impact globally -- at this point, it's being controlled,'' Lindner said. ``The infection has probably stopped globally.'' The federally funded CERT was created in 1988 as the Computer Emergency Response Team, shortly after a computer virus crippled much of the Internet.
No Accident
Vincent Gullotto, a senior research director for Network Associates Inc.'s Antivirus Response Team, said his team hasn't identified the cause. ``It was definitely not by accident.'' The transmission of some e-mail also was slowed, he said.
The virus has infected servers running the Service Pack 1, or SP1, and SP2 versions of Microsoft's SQL Server 2000 software, Microsoft's Pilla said. Microsoft is conducting tests to confirm that the newer SP3 update is immune.
International Business Machines Corp.'s DB2 program and Oracle Corp.'s database software compete with Microsoft's SQL.
The virus is not harmful to computers, said Howard Schmidt, a computer-security adviser to President George W. Bush, according to AP. Schmidt said the disruption to U.S. government computers was minimal
The Federal Bureau of Investigation said it is monitoring the virus and trying to identify the cause, said White House spokeswoman Tiffany Olson.
The type of virus had been detected as early as May 2002, and ``the onus has been on the ISPs and company systems administrators to take preventative action to keep this from happening,'' Olson said. |
