I’m sure just about everyone has heard about the little worm that’s spreading around the Internet. Heck, even my mother asked me about it when I last talked to her. Microsoft’s solution to saving their precious WindowsUpdate service was to take down the URL completely.
Actually, the news stories are a little misleading. They’ve taked down the windowsupdate.com URL, but the windowsupdate.microsoft.com URL is still up and running. I giess Microsoft’s just fortunate that the worm author just happened to point to the alternate (shorter) URL and Microsoft’s WindowsUpdate feature built in to their operating system uses the longer URL. They’d be in big trouble if the worm was going to hit the same URL as the WindowsUpdate feature requires. Maybe next time they won’t be quite so lucky.
As an aside, here’s an interesting link to a tool put out by Microsoft that will allow the user to scan an entire subnet for machines that are still vulnerable. I found this a few days ago, and used it on our corporate network. Even though we regularly patch our machines, it still found a couple of machines that got overlooked.