Alan Paller
It is a situation where MCSEs had no idea that there is a fundamental vulnerability in IIS and ISAPI mapping and so had no way to protect their systems other than after-the-fact patching,
It gives anyone on the Internet who comes in as a browsing user the ability to take control of your site. Instead of looking at Web pages, they can make your computer do whatever they want.
Most of them, ... appear to be just plain thieves.
Most large organizations have a big investment in Symantec tools and wouldn't normally consider switching. This year, however, Symantec's products have repeatedly shown up on the list of the software with critical new security vulnerabilities. Many corporate IT managers are angry and frustrated that their security vendor is as careless as the operating system vendors in writing bad code. And Microsoft has succeeded in persuading many of them that they are far ahead of other software vendors in improving the situation for new products.
Microsoft's delay is inexcusable. There's no excuse other than incompetence and negligence.
That could be a real wave of traffic that the Internet has not dealt with.
We have made enormous progress over the past five years by forcing the vendors to deliver automated patching. Now the bad guys are saying: 'You did that, now we're going after the applications.' Now we have to start all over again.
Fundamentally, it's an organization that is behind in making security part of its regular operations. It's very dangerous for health care data.
If an early infectee had an e-mail list with reporters at all the major news services, that would start the cascade. News organizations do not have radical e-mail attachment limits (like a rule banning all picture attachments) because they get legitimate pictures.
Of course it's the government. Governments will pay anything for control of other governments' computers. All governments will pay anything. It's so much better than tapping a phone.
It would have been terrible (without the widespread patching). That got a lot of systems fixed.
This illustrates that even technologically savvy people have a hard time fighting off denial of service attacks.
American corporations are being riddled by (computer) attacks - they are being defended very badly.
The bottom line is that security has been set back nearly six years in the past 18 months. Six years ago, attackers targeted operating systems and the operating system vendors didn't do automated patching. In the intervening years, automated patching protected everyone from government to grandma. Now the attackers are targeting popular applications, and the vendors of those applications do not do automated patching.