CNET también está disponible en español.

Ir a español

Don't show this again

Circumstance brought out MS bug

Software consultant Todd Fast was trying to test an Internet application. Instead, he discovered a Web server bug, and his life has not been the same since.

For Todd Fast, a software consultant in Austin, Texas, last Thursday started out innocently enough.

That day, he was simply trying to test an Internet application. Instead, he discovered a Web server bug, and his life has not been the same since.

Fast was testing an application that required a long string of characters to be written as an URL in a browser. During the process, he inadvertently jammed his Web server, which runs Internet Information Server 3.0 running on top of Windows NT 4.0.

That's when Fast decided to test the problem. "I thought, 'Who do I know who's running IIS?' Microsoft (MSFT), of course."

So he tested the URL at the software giant's Web site. It jammed.

At that point, Fast said both in an interview and on his Web page, in which he chronicles the event, that he realized he had discovered a bug.

"The Web site stopped responding, and I thought to myself, 'Oh, this is a bug.' I created a program to reproduce it and sent it to InfoWorld and Microsoft.

"There was certainly not any malicious intent intended," he added. "It is not something we expected to cause what it did."

Within four hours, Microsoft had developed a patch and started implementing it. By late Friday night, it posted the patch on its site for anyone to download, along with an explanation of what happened.

Meanwhile, the bug had done its damage, helping to keep Microsoft's popular site inaccessible. All day, users complained from around the globe that they were unable to access the page. But Fast said that for the page to be completely shut down by the bug, someone would have had to be virtually flooding the site with the bad URL. He also knew that he had only tested it to verify the problem and had stopped as soon as he realized that it was, in fact, a bug--hours before he sent word of the problem to Microsoft.

Problems with the site persisted on Friday and many reported trouble accessing the site throughout the weekend. A Microsoft spokesman said that engineers were so focused on fixing the problem that they were not tracking where it was coming from or how many times it was replicated. It is possible that others had replicated the bug and set out to attack the company's site.

But the bug could only be blamed for some of the server problems that so many Netizens experienced. Microsoft itself acknowledged that there was another problem: It was--and still is--in the process of upgrading its site, something it says will last through June.

In other words, the bug came at exactly the wrong time, according to Microsoft spokesman Adam Sohn.

The upgrades are causing spotty Web service, Sohn said, and account for at least a portion of the problems Netizens have been having accessing the page.

"This came along and exacerbated some problems that were already there and that we're working to fix," he added. "There are going to be delays now through the end of June. We're trying to make this thing better and faster for everybody."

Meanwhile, Fast is still consulting and trying to get back to business. "I haven't even been in contact with [Microsoft] since they've posted the bug patches," he wrote on his Web page. "They did offer me a T-shirt and 'some free software' for finding the bug, whatever that means. I may, in the future, decide to repost the detailed bug information but for now am content to keep it private."

"It's been a crazy couple of days," he said.

Close
Drag
Autoplay: ON Autoplay: OFF