Microsoft has declared a security emergency, rushing out a patch for a flaw that exposes nearly all of the billion PCs running its Windows operating systems to potentially serious hack attacks. However, in a move that can only be described as schizophrenic, the software giant denied some members of the press access to its live webcast explaining the danger.
Microsoft (Nasdaq: MSFT) rushed out an emergency security patch for its Windows operating system Thursday in the hope of heading off a potentially crippling hack attack to nearly a billion Windows-powered PCs.
Normally, the Redmond, Wash.-based software giant addresses bugs and security flaws through the issue of so-called software "patches" on the second Tuesday of each month.
The fact that Microsoft felt compelled to issue a patch Thursday underscores the seriousness of the security flaw identified in older versions of Windows, though the company's latest version of the operating system, Vista, is not immune.
The patch was made available at 10 a.m. Pacific time. Microsoft was mum on details concerning the nature of the security flaw and held a live webcast to explain what was behind its issuance of the new patch at 1:30 p.m. Pacific time.
However, Heidi Peterson, a representative from Microsoft's Portland, Ore.-based public relations firm, Waggener Edstrom, refused to grant the E-Commerce Times access to the live webcast.
'A Dangerous Security Problem'
According to a blog post by Microsoft spokesperson Christopher Budd, the flaw is considered less dangerous to Windows Vista and Windows Server 2008 users. However, Windows XP and older versions are particularly susceptible to the security flaw.
"It allows an attacker to remotely take over your computer over the Internet," Rob Helm, director of research at Directions on Microsoft, told the E-Commerce Times. "It's easily exploitable once one person has done it."
For example, someone exploiting the flaw could remotely install a hacked version of Windows that could monitor keystrokes and look for credit card information on an unsuspecting user's PC. That data could then be used for illicit purposes.
According to a blog post by Washington Post (NYSE: WPO) technology blogger Brian Krebs, "the vulnerability stems from a critical, wormable problem in the Windows server message block service, a component of Windows used to provide shared access to files, printers, and other communications over a network."
Krebs' information comes from an "unnamed source" who told him, "Redmond has acknowledged that criminals have for the past three weeks been using the vulnerability to conduct targeted attacks. The source said that so far, fewer than 100 targeted attacks leveraging this flaw have been spotted by Microsoft's security team, but that Microsoft was rushing out this patch because the number of attacks appears to be increasing of late."
The fact that the security flaw enables attacks over the Internet and affects XP, the most widely used operating system on the planet, makes the flaw a "potentially dangerous security problem," Directions on Microsoft's Helm said.
Security Improvements
So, how does this flaw in Windows stack up against past holes in Microsoft's security?
"I think it's up there with the most serious ones in the past because it's so widespread," Chenxi Wang, an analyst at Forrester Research, told the E-Commerce Times. "There are more than 1 billion Windows installations in the world today -- 180 million are Vista, which leaves about 820 million Windows computers that are XP or older."
That said, Microsoft has made substantial improvements in both the security of its software and its approach to addressing security issues.
"By and large, Microsoft has gotten better, especially in terms of getting the word out and explaining why this is important, at least compared to four or five years ago," Helm said. "The company used to treat attacks as a PR problem and would downplay them and try to stamp them out. Microsoft today treats it as a security problem."
Microsoft has a fairly well-established software security practice in-house, Chenxi noted. "They're doing a lot better than they were even just two years ago."