Microsoft has stymied the expected attack of the Blaster worm by taking the novel step of eliminating the windowsupdate.com address and unlinking it from its WindowsUpdate service, said an Internet performance monitoring firm Friday.
The result: there should be no major Internet overloads caused by Blaster during the day. Lloyd Taylor, the vice president of KeyNote, a San Mateo, Calif.-based Internet monitoring company, said that the approach, while unusual, was fairly straight-forward. “Microsoft's pulled the teeth from Blaster,” he said, by altering the domain name service (DNS) servers that are the Internet's address book. Normally, windowsupdate.com, the target address embedded in the Blaster worm, links to Microsoft's WindowsUpdate service, which provides patches for the company's products, including those necessary to fix the flaw in Windows NT 4.0, 2000, XP, and Server 2003, which Blaster exploits.
|