Related Resources • Critical Windows Flaw • Virus Encyclopedia • Glossary of terms

Elsewhere on the Web • MS Avoids Blaster • Blue Mountain Internet • Windows Update Site

Microsoft deemed it a success. F-Secure called it a draw. Others are calling it a disaster. The controversial solution Microsoft employed to thwart the MSBlaster's threatened DoS attack was to no longer resolve windowsupdate.com to windowsupdate.microsoft.com. In plain english, this means an awful lot of folks who have been taught to visit windowsupdate.com to get the latest Microsoft patches will now no longer be able to do so. It seems Microsoft's attempt to sidestep MSBlaster's intended DoS may leave users at greater risk of future infection

Compounding the issue, an attempt to visit http://windowsupdate.com results in a standard "The page cannot be displayed" error message which proclaims, "The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings." For many users, this greeting is far less friendly than the typical "Page cannot be found" and implies, however incorrectly, that an error has been made.

Ruben Bybee, General Manager of Blue Mountain Internet, expressed concern for the millions of users affected, "I think the MS approach to completely kill this well known update web site will result in fewer people being able to find the updates and keeping their computer patched."

In a PC World article, Sean Sundwall, a Microsoft spokesperson, defended the decision, claiming that "windowsupdate.com is a nonessential address." Others disagree. Bybee notes that thousands of Blue Mountain customers have been referred to windowsupdate.com in the past. He's in good company - the computer manufacturer Dell lists dozens of support articles all pointing to windowsupdate.com and a quick search on Yahoo.com reveals that hundreds of other companies have done the same.

In short, while Microsoft may have declared windowsupdate.com "nonessential" from their standpoint, Bybee questions the wisdom from the perspective of the "little people" - folks like you and I who have long relied on windowsupdate.com to patch our vulnerable systems. Even more disturbing, what happens when the next worm targets windowsupdate.microsoft.com? Will Microsoft take the same evasive action, essentially side-stepping the worm at the expense of yet another website? Let's hope that Microsoft is not resting on its laurels with this pseudo-solution, and is instead exploring longterm resolution for the problem, for as long as our operating systems provide a veritable swiss cheese smorgasborg of holes that need to be patched, reliable update addresses are required. Otherwise, users will be forced to play a virtual game of leapfrog, resulting in even fewer cases of proactive patching and even greater impact of future exploits.