will connect to a control server to ask for instructions. It scans network neighborhoods and tries to infect them, as well.

We carefully checked this patch and are 100 percent sure that it is not malicious. The patch is, of course, not as carefully tested as an official patch. But we feel it is worth the...

My guess is that it’s just serious enough that they really felt it was necessary to release it early.

Typically, the infective vector is a laptop connected to unsecured networks,

We do suspect that Microsoft will still release an early patch given the imminent danger to its customers from this flaw. As stated by the company about two years ago, patches can be released within...

For home users: Apply the patch as soon as you can.

It claims to be a movie or picture with some sort of sexual content. That is how it tricks you.

At this point, Apple does not appear to offer the patches in distinct packages, which will make testing in larger environments tricky.

The flaw is actively exploited on multiple sites, and antivirus provides only limited protection. Active use of an exploit without sufficient mitigating measures should warrant the early release of a patch, even a preliminary, not...

The obvious thing is to apply patch MS05-051 on at least your [Windows 2000], … We do know the port 3372 scanning started in full force, likely in order to acquire target lists. If you...

Each patch (official or not) has a chance to ‘blow up’ and cause unintended side effects.

A new version can be pushed out every four hours. You can never catch up.

Particularly over the last year, anti-virus (programs) have lost a lot of their effectiveness. They are basically no longer capable of keeping up with the proliferation of new viruses.

It used to be teenagers looking for bragging rights. Now it’s done for profit.

Writing a cross-platform worm is difficult because it limits you to functions that are available on both operating systems. You have to also code the virus in assembly to make it work without relying on...

The story here is if you are hit, you do have other vulnerabilities than this problem.

I don’t think we will endorse this patch. There is no source code available, so we are not able to validate the patch.

Users have to kill out of the browser and start over again. This stalled browser creates a DOS (denial of service) condition.

The problem with this attack is that it is so hard to defend against for the average user.

It?s sort of a wake-up call for Apple users. Everybody focuses on Windows, but there are viruses for other operating systems.

I think we’ll see an increase in virus activity as Linux becomes more mainstream.

This should allow Windows programs to display WMF files normally while still blocking the exploit.

What hackers are trying to find is, if they can make a bad Excel file or a bad Word file, does the program crash and allow them to compromise the system.

This laptop will infect your systems from the inside.

At this point, we do not recommend applying these temporary patches.

More often than not, a patch will actually do more damage than good if you roll it out too quickly without testing it first.

Yesterday we got a lot of reports of [the code] being used, but they turned out to be false positives. I haven’t seen anything really used in the wild.

The Snort issue is more dangerous because the exploit is really simple.

In this case, Microsoft is taking too long.

The vulnerability itself has been known about for a while, but it was only a problem for a denial-of-service attack that would sometimes cause IE to crash. Up until now, no one knew how to...

These are the sort of problems that we typically see when patches don’t cooperate well with various third-party software and some of the less used functions of Windows,

We’ve basically built doors now for 4,000 years and still have burglaries.