Microsoft's WindowsUpdate.com website was inaccessible early Friday, one day before a new variant of the W32.Blaster worm was set to spawn a massive denial of service (DoS) attack on the site.
A Microsoft spokeswoman said the "Microsoft.com site experienced a DoS attack at 8:45pm PDT on Thursday [4:45am Friday UK time], but that it was not due to the Blaster worm, nor caused by the major power outages that have affected the US east coast."
"We are currently investigating the cause of the attack but it was not Blaster," the spokeswoman said.
This contradicts rumours that have been rife in the antivirus community. A press release from anti virus specialist, BitDefender, yesterday warned that Microsoft's Windows Update site could come under attack from a DoS instigated by the bug MSblast. BitDefender said "[MSblast's] three versions enclose instructions to launch a DoS attack against WindowsUpdate.com, beginning from tomorrow [Thursday]."
BitDefender's Bogdan Irina, suggests this could be the first salvo in virus writers' war against Microsoft: "This could be the beginning of a campaign initiated by virus writers groups." Mihai Radu, BitDefender communication manager, agrees, saying that he thinks the attack is a response to Microsoft's recent attempts to improve the security of its products, including its purchase of RAV Antivirus.
Radu also believes that the WindowsUpdate.com site could come under more attacks from the Blaster worm, as any of the many PCs infected by this bug could launch a future attack. He says he doesn't understand why Microsoft is denying the DoS attack is anything to do with the Blaster worm, saying that his company had even received a warning about potential DoS attacks caused by the virus from Microsoft.
Microsoft says that both the WindowsUpdate.com and Microsoft download centre sites remained available to customers during the attack and PC Advisor was able to access them both this morning. Although she could not confirm that the entire Microsoft.com site was up and running again and to access the update site it is best to go via Microsoft.com or to search for it using Google, as we were unable to get to the site using the WindowsUpdate.com URL.
The new version of Blaster, which has spread quickly this week, infecting up to one million computers according to some estimates, is expected to spawn a DOS attack on the WindowsUpdate.com site on Saturday.
Users of the Windows 2000, Windows XP, Windows NT and Windows Server 2000 software were advised by Microsoft to take security precautions such as downloading the latest patches, using a firewall and installing antivirus software. A disruption of the Microsoft site could affect users' ability to download needed patches, however.
But the software maker said today that it is taking aggressive steps to keep the site up, but if it becomes inaccessible users will be able to access and download the Blaster patches here. More detailed instructions on how to take the preventative measures are also detailed at that address.