DoS Attack Rattles MS Site

A DoS attack, rather than a cracker exploit of a much-publicized Windows vulnerability, is behind the nearly two-hour outage of properties, says Redmond.

When the entire set of properties went down for an hour and 40 minutes Friday afternoon, many—including many at Microsoft—initially feared the worst.

Could crackers have managed to exploit the Windows remote-procedure call vulnerability that everyone—from Microsoft, to CERT, to the Department of Homeland Security—had been warning users about this week?

The situation reminded many of the "Slammer" worm that plagued Microsoft, its partners and customers that had failed to apply a SQL Server security fix earlier this year.

Remember Slammer?

But this time, it turns out that Microsoft was hit by a plain, old denial-of-service (DoS) attack, a corporate spokesman said.

"It was a denial-of-security issue. The attack had nothing to do with a vulnerability in anything. It was just people overloading our server with calls," said company spokesman Sean Sundwall.

"Looks like they either hacked Microsofts name servers or the root servers themselves," said one anonymous consultant who reported the outage.

To read the full article, click here.