Oh, Microsoft
Well, the company can't blame the naysayers for this one. The nasty "SQL Slammer" worm that made mud pie out of Internet traffic last weekend targeted a known vulnerability in Microsoft's SQL Server database software.
The software giant posted a patch to address the problem in June, so it says it bears no responsibility for the havoc wreaked on individual machines because folks didn't install the fix. Security experts, though, say the Dow component's "Trustworthy Computing" initiative is a farce.
The worm wriggled its way around the globe, just as Microsoft celebrated a year of increased focus on the security of its products. Nice anniversary present, eh? Turns out, some of its own computers crashed thanks to the Slammer, too.
Well, if Microsoft itself can't successfully patch its own servers, then how can it rightly expect everyone else to do so? Yes, the patch had been available since June, but because of the extensive testing sometimes needed for installation, the fix clearly wasn't applied as broadly as necessary. And when the company issues patch after patch after patch, it can get a bit complicated, even for the most competent network engineer.
Some experts also argue Microsoft should focus its security efforts on putting out software with fewer flaws and holes to begin with, rather than issuing fixes and patches, and then acting indignant when something like this happens. What a novel idea.
Hopefully, the software giant will learn from being bitten by this worm. No longer can it claim innocence and point haughtily at all the "other" computer companies for not taking its advice to patch their servers. Ironically, the company is now itself just another enterprise marred by a Microsoft flaw.
LouAnn Lofton owns shares of Microsoft.
