Friday, October 8, 2010

Microsoft patches wormhole -- maybe.

One of the good things about Microsoft's Windows operating system is that it is normally configured to update itself over the Internet.

One of the bad things about Microsoft's Windows operating system is that updates required to address severe vulnerabilities in its software are sometimes far to frequent for comfort.

And next week, Windows users can expect a larger than normal payload of patches to be automatically downloaded and applied to their Windows-based PCs.

According to advance reports, a staggering 49 security vulnerabilities will be addressed by the upcoming "mega-update", and some of the holes being fixed are listed as "critical".

One of the biggest factors in creating this swathe of updated code is the now infamous Stuxnet worm.

It is claimed that Stuxnet is malware which was specifically designed to infiltrate PCs being used for control and monitoring applications within industry. While most worms have been written primarily to pluck potentially valuable data such as passwords and credit-card numbers from desktop PCs, Stuxnet seems to be a completely different kettle of fish.

By attacking industrial computers and those which often operate in a dedicated role, Stuxnet has sent shockwaves through the SCADA (supervisory control and data acquisition) industry and brings home the growing vulnerability that might arise when relying on such popular software platforms for critical systems.

News reports indicate that one of the biggest infections has been within computers used by the Iranian nuclear industry.

There is also intense speculation that Stuxnet may be a tool created specifically to infiltrate the Iranian Bushehr reactor and glean clues as to whether it is being used for the enrichment of fuel for a possible nuclear weapons program.

If that is the case then the authors of Stuxnet may even have been written by the US government to achieve this goal.

What ever the reasons or role of Stuxnet, its days may be numbered -- after next weeks huge patch-payload from Microsoft.

Unless of course, Microsoft has been asked by those fighting "the war against terror" to leave just enough of an open "window" to allow them to keep peeking inside the Iranian's nuclear developments.

No comments:

Post a Comment