The week in review: Worm worries

A fast-moving but poorly constructed worm took the Web by storm, exploiting a very common Windows flaw despite warnings and an available patch.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
4 min read
A fast-moving but poorly constructed worm took the Web by storm, exploiting a very common Windows flaw despite warnings and an available patch.

Named after the msblast.exe file that contains the program, the MSBlast Internet worm infected more than 300,000 computers since Monday. The CERT Coordination Center has found that as many as 1.4 million unique Internet addresses appear to be the sources of infections on the network.

However, computers connected to the Internet aren't the only target. Starting Friday, every computer infected with MSBlast is expected to start flooding Microsoft's Windows Update service with legitimate-looking connection requests. The denial-of-service attack could slow--and even halt--access to the primary way Microsoft customers receive updates for their computers.

The worm attacks Windows computers via a hole in the operating system, an issue about which Microsoft had warned. Since the announcement and the release of a patch in mid-July, security experts have been waiting for an online vandal to create a worm that takes advantage of the flaw.

MSBlast is a piecemeal compilation of programs that are cobbled together to do a single job: spread across the Internet. The combination is unoriginal but effective. The worm is successful, not because its creator was knowledgeable about programming, but because a great many people whose computers are connected to the Internet are still ignorant about security.

The ability of the MSBlast worm to spread has underscored the view that today's methods of patching security flaws, while necessary to lock down specific computers, is too time-consuming to react to critical vulnerabilities.

Linux in the ring
The SCO Group is keeping the heat on IBM by terminating a second IBM Unix System V license, one that covers a discontinued operating system IBM obtained through its acquisition of Sequent several years ago. Earlier this year, SCO filed a $3 billion lawsuit that claimed that IBM committed trade secret theft and breached its contract when it allegedly copied proprietary Unix source code into its Linux-based products.

The company reported that it terminated Sequent's Unix contract for improper transfer of source code and development methods into Linux. IBM again denied that SCO's actions had merit. "IBM withdrew (the operating system) and the associated hardware long before the suit was filed," a representative said. "This seems to be another attempt by SCO to generate press coverage."

SCO also announced that it had won a paying customer from the Fortune 500 list of the world's biggest corporations, although SCO declined to reveal the company's identity or licensing specifics. SCO said the deal illustrates the merits of its case, but analysts said the undisclosed terms of the deal could mean that it offered a good price to try to build momentum for its plan.

Tech in court
A federal court in Chicago ruled that Microsoft must pay $521 million to a Web technology company and the University of California after finding that the software giant's Internet Explorer infringed on their patents. The company, called Eolas Technologies, originally filed suit against Microsoft in 1999, alleging that Microsoft infringed on its patents when it enabled Internet Explorer to use plug-ins and applets in the software.

An attorney who represents Eolas said the jury likely was swayed by internal documents from Microsoft. The specific patent from Eolas was not mentioned in the documents, but Microsoft executives had described the necessity for technology that conformed to the outlines of the patent. Microsoft said it will appeal.

The judgment against Microsoft has raised speculation over which company might be the next target of Microsoft's pursuer. Since applets and plug-ins are also a key feature of other Web browsers, the Eolas decision could affect Microsoft's competitors in the browser market such as Opera Software.

Other potential targets include companies that redistribute open-source browser software or base products on such programs. Red Hat, SuSE, Apple Computer and Hewlett-Packard are among the companies that fall into one or another of those categories.

PeopleSoft amended its lawsuit against Oracle, charging that its rival's unwelcome acquisition bid was mainly designed to disrupt its business. PeopleSoft expanded the suit to include "extensive new facts about Oracle management's ongoing acts of unfair trade practices, including its efforts to disrupt PeopleSoft's customer relationships."

The amended suit alleges that Oracle deliberately tried to mislead PeopleSoft customers about Oracle's plans to support PeopleSoft products and interfered with customers of J.D. Edwards, who are soon to become PeopleSoft customers though a pending acquisition.

Apple reached a tentative settlement in a class-action lawsuit that alleged the company had failed to fully support Mac OS X on some G3-based Macs. The Mac maker agreed to refund the $129 purchase price of Mac OS X for customers who bought it for use on certain G3 Macs and have never been able to fully take advantage of it.

The deal would settle a lawsuit filed in Los Angeles Superior Court in January 2002. The suit claimed that Apple had promised that OS X would be "fully optimized" to run on all G3 machines but charged that such optimization was not done.

Also of note
A new file-swapping network in the West Bank is openly flouting international copyright norms at a time when many older peer-to-peer companies are trying to establish themselves as legitimate technology companies?AOL Time Warner is considering dropping the "AOL" moniker from its corporate name?An Internet company trade association sent a letter to the Recording Industry Association of America, asking for information and dialogue over issues related to the subpoenas being issued for file swappers' identities...A massive power outage in the Niagara Mohawk grid prompts Northeast wireless users to turn to landlines and major airports to halt flight departures.