Microsoft kills Net address to foil worm

As part of its effort to stop the MSBlast worm, the software giant is eliminating the Windows Update address that the self-propagating program was set to attack.

special coverage
'MSBlast' echoes over Net
 Worm exploits widespread
 Windows flaw

As part of its effort to stop the progress of the MSBlast worm, Microsoft is killing off the Windows Update address that the self-propagating program was set to attack.

Because the worm is programmed to attack only that address and not the site that it redirects to, the software giant has decided to eliminate the address. The move is one of a series of efforts that Microsoft has undertaken to try to thwart an attack on its servers that was expected to be launched by infected computers starting Friday.

"One strategy for cushioning the blow was to extinguish the" site, said Microsoft spokesman Sean Sundwall. "We have no plans to ever restore that to be an active site."

On Thursday, Microsoft changed the Internet addresses that correspond to the entry in the domain name service (DNS) servers that act as the Internet's address book. One source familiar with the change said that the new addresses are no longer on the same network as Microsoft's other servers, thereby insulating the company's servers from any attack aimed at By Friday morning, the Internet address for no longer existed in the DNS database.

Sundwall stressed that the Windows Update service remains up and running, noting that the service never connected to Access to Windows Update is built into the latest versions of Microsoft's Windows client and server operating systems.

To get the latest patches, consumers can type in or, as Microsoft would prefer, go to the main page, where they can find information on downloading patches as well as on setting up a firewall and installing antivirus software.

The worm is programmed to start attacking at midnight Friday in each time zone. As a result, Australia was among the first countries slated to be affected, with its midnight hitting at 7 a.m. PDT.

Even as Microsoft battles the MSBlast worm, the company was hit late Thursday with a separate denial-of-service attack on its main

The company does not know the origin of the outage but said it stemmed from a denial-of-service attack unrelated to the MSBlast worm. Sundwall said Microsoft has "every confidence that it had nothing to do with 'Blaster,'" as the worm is also known.

CNET's Robert Lemos contributed to this report.

Featured Video

Why do so many of us still buy cars with off-road abilities?

Cities are full of cars like the Subaru XV that can drive off-road but will never see any challenging terrain. What drives us to buy cars with these abilities when we don't really need them most of the time?

by Drew Stearne