Microsoft Gets Flak for Zotob

by staff on 18 August 2005, 00:00


With frustrations mounting as the Zotob worm continues to crash computer networks, a poll Thursday found more than one-third of businesses blame Microsoft for the outbreak, and not the creators of the worm that exploits a vulnerability in the software giant’s Windows operating system.

In a web poll of more than 1000 users, 35 percent of the respondents held Microsoft responsible for the mess as Windows had a software flaw that allowed the worm to sneak in, Sophos, the IT security firm that conducted the survey, said.

The Redmond company is not alone in incurring the wrath of business users. Some 20 percent of respondents pointed the finger at system administrators for not patching the systems quickly enough.

Oddly, less than half of those polled, 45 percent, blamed the writers of Zotob and its many variants that first began striking computers Sunday (See Zotob Virus Strikes Windows).

“It is most surprising that so many people blame Microsoft for having the software flaw in the first place,” said Graham Cluley, senior technology consultant at Sophos. “Many respondents appear to be incredibly frustrated by the constant need to roll out emergency patches across their organizations.”

Microsoft spokesperson Kjersti Gunderson declined to comment directly on the Sophos data, but forwarded a company statement that said, in part, "no software is 100 percent secure" and that "responding to security vulnerabilities can be a complex, extensive, and sometimes time-consuming process." The statement said Microsoft is "committed to keeping the number of security vulnerabilities that ship in its products to a minimum."

Security analysts questioned the user anger over Microsoft as the company was the first to discover the security loophole in its operating system. The company released a patch for it August 9, five days before the outbreak. However, many users failed to download the patch and update their systems, making their computers vulnerable to Zotob.

“Microsoft is stuck between a rock and a hard place when it comes to vulnerabilities,” said Mr. Cluley. “When it goes public about its security holes, a virus can be written to exploit them. If it kept quiet, someone could still write a virus and everyone would ask why Microsoft hadn’t warned anyone of the vulnerability.”

Mutating Fast

Zotob has infected computers in major media organizations like CNN, ABC, and The New York Times by exploiting a vulnerability in Microsoft’s Windows 2000 operating system that allows it to seize control of users’ PCs. It also struck payment giant Visa (See Zotob Morphs into 11 Variants).

Since Wednesday, seven more variants had been detected, bringing the total number of Zotob variants to 18, said Sophos.

Despite the havoc that Zotob has wreaked and any damage it has caused to Microsoft’s image, the incident is unlikely to have any impact on the Redmond giant’s sales, analysts said.

“In the past, we have seen that even after a worm or virus attack that is severe, it is mostly business as usual for Microsoft,” said Matt Watchinski, director of vulnerabilities for Sourcefire, an enterprise security company. “We just don’t have any data to support the idea that users switch their systems if they face security issues on Microsoft products.”

Another Sophos survey showed only 28 percent of respondents rated Microsoft as their most trusted operating system when it comes to security. Meanwhile, 47 percent believe open-source Linux and Unix are the most secure.

But this perception is unlikely to lead to more enterprise users switching to alternative operating systems, analysts said.

Other Vulnerabilities

Microsoft isn’t the only company with vulnerability issues. Publishing software giant Adobe issued an advisory of its own, warning users of a security flaw in the Acrobat and Reader applications.

A specially crafted malicious PDF file could be used to exploit a vulnerability in Adobe’s software, causing infected computers to shut down or grant a backdoor entry to hackers, the company said.

The bug affects Adobe Reader for Windows, Mac OS, Linux, and Solaris. It also affects Adobe Acrobat for Windows and Mac OS, Adobe said.

Secunia, a security software firm, has rated the bug as “highly critical.” But the good news for users: there is currently no worm or virus out there to exploit this loophole.

Adobe has released patches and updates for users to download to fix the problem.

Despite its high rating, the Adobe vulnerability is unlikely to wreak as much havoc as Zotob and its variants, analysts said. For starters, Adobe has a much lower profile than Microsoft, which is probably the favored target of worm writers and hackers.

Also, Adobe’s vulnerability is a client-side one, as opposed to Microsoft’s flaw, which enabled the worm to spread through networks, said Mr. Watchinski.

“To exploit Adobe’s security flaw, users will have to go to a site and download something that could perpetuate the worm and infect their computers,” he said. “But Zotob does not need a catalyst and uses networks to jump from computer to computer.”