This has nothing to do with the number of updates, but the fact that everyone was applying them at roughly the same time. They could have 1 update a month on their regular schedule and the effect, from Skype's standpoint, would be the same. And some would dispute your claims about the number of updates (http://blogs.technet.com/security/archive/2007/08/16/july-2007-operatin g-system-vulnerability-scorecard.aspx ), at least as compared to the competition. Do MacOS and RedHat have too many updates too?
Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.eweek.com/cheap_hack/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, August 20, 2007 11:17 AM To: [email protected] Subject: RE: [funsec] Did Windows Update take out the Skype network? Here's the official Skype blog entry on the meltdown: http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html In my book, there are way too many security patches for Windows. The Skype meltdown is an example of collateral damage. Another problem that I've seen with Microsoft Update since the beginning of this summer is that a collection of Office 2003 patches fail to install and everytime I reboot my computer Microsoft Update attempts the install again and fails again. I'm never notified of these failures and I'm not sure how to fix the problem in order to secure my system. Richard > I hope they don't have the gall actually to blame Microsoft for it. > Obviously it's a flaw in their network, and shows a hole in their own > testing. > > Perhaps it's also an indication that more Windows users are updating > more quickly. > > Larry Seltzer > eWEEK.com Security Center Editor > http://security.eweek.com/ > http://blogs.eweek.com/cheap_hack/ > Contributing Editor, PC Magazine > [EMAIL PROTECTED] > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of [EMAIL PROTECTED] > Sent: Monday, August 20, 2007 10:26 AM > To: [email protected] > Subject: [funsec] Did Windows Update take out the Skype network? > > http://blog.wired.com/monkeybites/2007/08/windows-update-.html > > Skype is finally back online after a massive two-day outage which > began on Thursday, August 16th and rendered the VoIP service useless > for an estimated 220 million users. As we reported on Friday, Skype > has denied charges that the outage was the result of an attack, but > the company delayed an official explanation until today. > > According to Skype the outage was caused by a massive number of users > restarting their machines, which flooded the Skype network with login > requests. Skype blames the restarts on Windows Update, presumably > large numbers of users rebooting after installing this month's "Patch Tuesday" > Windows patches. > > ... > > > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
