Microsoft Won't Offer Patch Before Worm Strikes? 274
techmuse writes "According to an article in Information Week, Microsoft is aware that the 'Kama Sutra/Blackworm/MyWife' worm will hit on Friday, overwriting office documents, but will not release a patch until its regular monthly patch release on February 14th. Unless, that is, you subscribe to one of Microsoft's pay security services, in which case your machine will have the worm removed in advance." From the article: "The blog offered no explanation why the tool wouldn't be updated earlier, nor did Microsoft immediately respond to questions. Each month, Microsoft pushes a revised tool to Windows users who have Automatic Update enabled for Windows Update or Microsoft Update. The Redmond, Wash.-based company has released the Malicious Software Removal Tool off-schedule once before, in August 2005, shortly after the Zotob worm began striking Windows 2000 systems."
Try to be a little fair (Score:5, Informative)
Or, if you had read the very article you're posting, "Both the company's free online security service, Windows Live Safety, and its in-beta OneCare Live software, however, will disinfect compromised computers, Microsoft said."
Or if you don't want to pay (Score:3, Informative)
Now, speaking as someone who has tried the online virus scanner, I have to say it works really quite well. It's just the tool to clean your computer of viruses, spyware, malware, unused/unneeded files -- and even knocks out those MICRO$OFT haters on
Haha... (Score:2, Informative)
The constant hate... (Score:3, Informative)
Re:Prior art for this MS business plan. (Score:5, Informative)
This includes the URLS http://beta.windowsonecare.com/ [windowsonecare.com] and http://safety.live.com/site/en-US/default.htm [live.com]
I'm guessing that's free as in beer. I like to bash Microsoft at least as much as the next guy, but I think they've provided a free solution for this one.
-hank
Re:All should not be lost... (Score:5, Informative)
Microsoft is not distributing the patch out of cycle because it is not a vulnerability, it is a mass mailing worm. It has been categorized as low risk. The "unwashed masses" can get the removal tool from
http://www.microsoft.com/security/encyclopedia/de
how about reading TFA? (Score:4, Informative)
from TFA:
Misleading headline (Score:2, Informative)
Re:All should not be lost... (Score:5, Informative)
More like this (Score:2, Informative)
"OK here you go. We also offer a car bomb detection service. Our car is as car bomb proof as we were able to make it but those terrorists are pretty clever. So you can pay us to make sure that any new ways of getting car bombs into cars that we find out about is prevented. "
"No thanks. What are the chances I'm gonna get targeted by a terrorist"
"I want you to fix my car and all other cars for free"
"What's wrong with it"
"Car bomb set to go off in 3 days"
"Well we gave you the car in as good condition as we could and you declined to get any kind of terrorist protection whatsoever either from us or anyone else. We will fix it for free on all cars, but the fix we were working on won't be ready for a 2 weeks. That leaves you out of luck but others that car bombs later will appreciate that. For you we would recommend one of three options. You can pay for our car bomb insurace that you should have gotten in the first place and that will cover the cost of fixing it quick. You can pay another company to do the same. Or third, we have this small program where you can get it done for free or you can go to other free terrorist prevention centers to have it removed. "
Trial/free anti-virus that remove Win32/MyWife (Score:5, Informative)
A bit of searching came up with the following free or trial versions of anti-virus programs which are capable of detecting and removing Win32/MyWife [microsoft.com] (née CME [mitre.org]-24 [mitre.org]):
Alwil [alwil.com] - Avast! 4 Home Edition [avast.com] (free for personal non-commercial use)
ESET [eset.com] - NOD32 trial version [eset.com] (30-day evaluation)
Grisoft [grisoft.com] - AVG Free Edition [grisoft.com] (free for personal non-commercial use)
Kaspersky Lab [kaspersky.com] - Anti-Virus Personal 5.0 [kasperskyusa.com] (30-day evaluation)
McAfee [mcafee.com] - VirusScan [mcafee.com] (30-day evaluation)
Microsoft [microsoft.com] - Windows Malicious Software Removal Tool [microsoft.com] (KB890830 [microsoft.com]) (free)
Panda [pandasoftware.com] - Titanium Antivirus 2006 [pandasoftware.com] (30-day evaluation)
Sophos [sophos.com] - Anti-Virus [sophos.com] (30-day evaluation)
Symantec [symantec.com] - W32.Blackmal@mm Removal Tool [symantec.com] (free)
Trend Micro [trendmicro.com] - PC-cillin Trial Version [digitalriver.com] (30-day evaluation)
I'm certain other readers will look up and post links to additional vendors, too. Ob-disclaimer: I happen to work for one of the companies listed above, so there.
Regards,
Aryeh Goretsky
TROLL???? (Score:3, Informative)
Re:All should not be lost... (Score:2, Informative)
You seem to have that arse about face. It's been getting steadily harder and harder, with every patch and revision, to run executable content directly from an email client.
Not that any version of Outlook has - by design - ever automatically executed attachments.
Time was when someone would send you an e-mail warning you that should shouldn't even click on an attachment since it could be a virus, you would politely tell them it was impossible. Nowadays, that's simply not true any more.
It's always been possible for an attachment to be a virus. Certain Windows email clients make it *marginally* easier for such code to be executed, that's it.