Microsoft Corp.s Windows Update site on Friday was functioning just fine despite being the target of a denial-of-service attack from machines infected with the Blaster worm.
The company used a clever feint to outsmart the worm and simply stopped using the windowsupdate.com domain for the time being.
The worm is coded with instructions that direct it to launch a DoS attack against the windowsupdate.com domain at midnight local time on August 16th. Machines infected by Blaster in Australia and other countries in the far Eastern time zones should have begun blitzing the site with packets at 10 a.m. EDT Friday. But the attack seems to have had no effect. Microsoft officials said theyve seen some traffic, but nothing extraordinary.
“The [windowsupdate.com] page was always just a redirector anyway. When Windows takes you to Windows Update, its takes you to windowsupdate.microsoft.com,” said Stephen Toulouse, security program manager at the Microsoft Security Response Center in Redmond, Wash. “We havent noticed an outage. Theres nothing in any way interfering with the operation of the site. Were here with our sleeping bags doing everything we can.”
Visitors to the windowsupdate.com site are greeted with a message informing them that the page theyre looking for cannot be found and may have been removed or had its name changed. But Windows Update can still be reached by going to the main Microsoft.com site and clicking on the Windows Update link. Alternately, users can go to the following address to access WU: http://windowsupdate.microsoft.com.
The WU site is vital to Microsofts customers, particularly during events such as the Blaster outbreak. The site is the main source for security patches and other software updates, and millions of users have been flooding the site all week as they scramble to get the patch that prevents Blaster infections.