Warning: New Microsoft worm on the way

The clock is ticking. A new, and possibly nasty, Internet worm is almost certainly coming. How do I know? Every time Microsoft releases new security patches, it's just a matter of time until some crook reverse engineers them to find the original vulnerability. So I thought it would be interesting to explore the entire process, from patched vulnerability to final worm. I'm doing so not to facilitate another worm (believe me, criminal hackers, or crackers, already know how to do all this), but this way, should one hit, we've all had plenty of warning.

I'm going to start with something I call the Eschelbeck Theory, named after security expert Gerhard Eschelbeck, of a security company called Qualys. His research shows that half the vulnerable systems in the world get patched within the first 30 days after a vulnerability patch announcement. Toward the end of that same 30 days, someone inevitably releases a virus or worm to exploit the unpatched systems. It's this latter phase that I want to discuss this week.

Read Full Story