Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Symantec Sees Spike in Dangerous Microsoft Attacks
Symantec is warning of a sharp jump in online attacks that appear to be targeting a recently patched bug in Microsoft's Windows operating system, an analysis that some other security companies disputed Friday.
November 21, 2008 — IDG News Service —
Symantec is warning of a sharp jump in online attacks that appear to be targeting a recently patched bug in Microsoft's Windows operating system, an analysis that some other security companies disputed Friday.
Symantec raised its Threat Con security alert level from one to two because of the attacks, with two denoting "increased alertness." But other vendors, including Arbor Networks and McAfee, said they were seeing no such activity.
The attacks spotted by Symantec target a flaw in the Windows Server Service that Microsoft says could be exploited to create a self-copying worm attack. Late last month, Microsoft took the unusual step of rushing out an emergency patch for the bug after it saw a small number of online attacks that took advantage of it.
Since then, security experts and Microsoft have said that the attacks have not been widespread, but that may now be changing, according to Symantec.
The security vendor said it had seen a "dramatic rise" in attacks targeting TCP (Transmission Control Protocol) port 445. A TCP port is a number assigned to packets of data sent over the Internet to help computers know what program should be processing the information. Web browsers, for example, typically use port 80. Port 445 is one of two ports used to connect with the Windows Server Service.
This activity "appears to be related to the exploitation" of the Windows Server bug, Symantec said in a note on its Web site.
Most firewalls block port 445, as well as the other port used by Server Service, port 139, but Symantec said Windows users should still make sure they've applied the MS08-067 patch for the bug.
Attacks on the bug had focused previously on Chinese versions of Windows, but the latest attacks target English versions, Symantec said.
Arbor Networks disputed Symantec's interpretation, saying, "we’re not seeing this rise, not on TCP port 445 and not on TCP port 139. Looking over the last month we don’t see this rise in MS08-067 attacks that would raise any alarms for us," in a Friday blog posting.
Both McAfee and Microsoft echoed those sentiments.
"Microsoft continues to see limited, targeted attacks that attempt to exploit this vulnerability," Microsoft said in a statement.
On the other hand, the Research and Education Networking Information Sharing and Analysis Center, which monitors research and university networks, reported that it had seen a bump in port 445 activity.
Security experts say that if criminals are targeting specific networks with their attacks, it could account for the discrepancy.
Copyright © 2008 IDG News Service. All rights reserved. IDG News Service is a trademark of International Data Group, Inc.
The Business of Managing Content: Xythos Document Management & Microsoft SharePoint
The Intelligent Enterprise
Mobility is Growing: Survey Shows Why CIOs are Concerned
The Move Toward Mobilization
Protecting the Code: Technology Escrows Safeguards Critical Software
Optimizing Infrastructure Control
Raising the Bar on Business Service Delivery: Best Practices in Application Performance
Optimizing Wide-Area Data Services Webcast
Why CIOs should embrace Web 2.0
Dashboard Strategies for Business Users
Grassroots Data Governance with SAP MDM
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
AMD to Bring HD Gaming and Movies to Mobile Phones
Intel-Backed Enterprise 2.0 Suite is Discontinued
Wall Street Beat: IT Faces Tough Start to 2009
Dual-Mode Smartphones Help Boost Wi-Fi Shipments
Palm Announces WebOS and Pre Phone
Nokia Ends Production of Its Only WiMax Device
FAQ: How to Get the Windows 7 Beta
HP Aims TouchSmart Desktop PC at Businesses
Red Hat to host Second Life-like virtual JBoss trade show
Windows 7 Public Beta to be Available Friday
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
