Down the rabid hole
I first became aware of the Outlook/IE bug when I received an email warning from SANS (System Administration, Networking, and Security) advising to take care of the problem immediately by applying a patch available from the Microsoft Website. Even if I had already gone home for the day, I was told, I should drive back into the office to make sure this was done. This urgency was unusual.
At first the reports were a bit confusing. The problem affected Outlook and Outlook Express, but was related to a library (INETCOMM.DLL) that was shipped with Outlook Express and Internet Explorer.
MSNBC.com called the bug a "dangerous new attack method" and warned that it could potentially affect nearly 100 million users. Even the subtitle of the report -- "Now, just receiving an email can be dangerous" -- caught readers' attention. It had the same dramatic tone as that often-quoted movie line: "This time, it's personal." These descriptions created the impression that the terrain of systems security had just changed dramatically.
For the most part, it had not. Though many people, such as myself, were forced to acknowledge that email vulnerabilities could appear on our Windows clients no matter how effectively we warned our users against clicking on attachments, the bug was really just another instance of one of the most common attacks on the Internet. It wasn't a virus; it was a buffer overflow.
Without pictures or conversation
Sysadmins and security specialists alike had grudgingly come to expect more of what we'd already seen -- stylized viruses like those that had been plaguing us earlier. Though the Love Bug virus (one noteworthy example) had caused problems for many organizations and spread quickly around the world, the fact that computer users had to double click on a Visual Basic attachment to set it in motion left some of us feeling that we were still in control.
My current user base consists primarily of Java programmers -- the kind of people who aren't easily distracted by "ILOVEYOU" messages from strangers. Luckily, our natural inclinations (to be cautious of attachments) and our location (on the West Coast of the United States, which meant that local radio stations were reporting the bug before many of us even reached our offices) safeguarded us from these sorts of attacks.
The Outlook/IE bug was different from the Love Bug and its ilk in another very important way -- it was discovered before it was exploited. This may be the normal course of events for many security-related bugs, but it is generally not the case with the kind of security problems that most Windows users deal with. These users generally become aware of a virus only when it's spreading wildly, or after they have been personally affected.
The Outlook/IE bug was discovered and reported to Microsoft by an Argentine security research team known as Underground Security Systems Research (or USSR Labs). Shortly after the group had reported the bug to Microsoft (and while a
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
