:: Deepquest ::

A variant of the Sobig virus that’s clogging networks this week can open a door into networks, allowing hackers to download files, steal system information and spread malicious programs. of course Windows ONLY is affected. Deja vu?

“People are sick and tired of this and don’t want to take it anymore. That’s the kind of groundswell that’s necessary to make (vendors) realize they have to do a better job with software,” said Gary McGraw, author of “Building Secure Software” and a security consultant for the Institute of Electrical and Electronics Engineers.

“If customers yammer more, that will help,” said Bill Cheswick, chief scientist for the Lumeta Corp. in Somerset and co-author of “Firewalls and Internet Security, Repelling the Wily Hacker.”

Computer systems around the world were hobbled last week by Welchia, a “worm” that exploited flaws in Microsoft Windows operating systems to clog networks with unwanted traffic, and Sobig.F, described by one security company as the fastest spreading e-mail virus to date.

The Gartner research firm estimates it cost companies $100 to $500 per affected computer to remove such infections. Costs for downtime and lost sales from the recent bugs could reach $1 billion, predicted Computer Economics Inc. of California

Welchia followed this month’s “MSBlaster” worm. Microsoft had posted software fixes, or “patches,” for both weeks earlier, but many consumers and corporations failed to download them.

To help people keep up — Microsoft has issued about 30 patches this year — the software giant may configure future versions of Windows to install security updates automatically, said Steven Lipner, Microsoft’s director of security engineering strategy.

“We absolutely have the motivation and incentive to make our products secure,” said Lipner, citing $200 million spent designing security features for the new Windows Server 2003 product. Microsoft Chairman Bill Gates made security a priority last year.

A Web site, [url=http://www.microsoft.com/protect,]www.microsoft.com/protect,[/url] explains steps Windows users can take to minimize their online risks.

“The reason is that’s what our customers need and demand, and it’s the right thing to do for our customers,” Lipner said.

But Gartner analyst John Pescatore said a third party should oversee any auto-updating by Microsoft — which powers most of the world’s PCs — to ensure that it won’t tinker with anything besides security.

Sobig.F exploited human weakness. It tricked people into opening an infected file, luring them with come-ons like “Re: Details” and “Thankyou!” that seemed to come from acquaintances. The virus hijacked e-mail addresses from infected machines, which were left exposed to hackers. Infected computers were expected to launch some kind of Internet attack Friday, but Internet service providers took countermeasures and the attack fizzled.

On Thursday, e-mail filters at Earthlink, a major Internet provider, snagged 200 infected e-mails per second, said spokesman Dave Blumenthal.

Richard Smith, a security expert in Massachusetts, said such viruses could be curbed if the biggest Internet providers rejected all e-mails containing “executable” files. Better methods for tracking origins of contaminated e-mail would be useful, too, he said.

A more radical approach to stopping e-mail viruses would involve charging senders for each message, said Michael Eisler of the Internet Engineering Task Force, a volunteer group that sets technical standards.

“But I’m not sure how I’d feel about that,” Eisler said.

His colleague, Brian Pawlowski, noted that nobody contemplated such fees in the Internet’s early days, when it was used by a few researchers who trusted each other.

Cheswick praised Microsoft’s security push as vigorous, if belated. He is optimistic that disruptions like last week’s will become rare events as operating systems gradually grow more bulletproof, and as computer users pay more attention to installing patches, anti-virus programs and firewall software.

more from [url=http://www.nj.com/news/ledger/index.ssf?/base/news-10/1061705127247670.xml]NJ.com[/url]