When the going gets weird, the weird turn pro. - Hunter S. Thompson

24 May 2006

The Danger of IT Monocultures

Dan Geer is an extremely well respected security expert. When he worries about something, people listen.

One of the things he has worried - and warned - about is the danger represented by IT 'monocultures' - the situation that arises when everyone uses the same software, for example, and therefore everyone shares the same vulnerability to a computer virus or other security threat.


As it happens, Dan's bomb went off a few days ago, with the breakout of the "Backdoor.Ginwui" virus, a malicious bit of code that Symantec introduced in an alert as follows:

It has been reported that Backdoor.Ginwui may be dropped by a malicious Word document exploiting an undocumented vulnerability in Microsoft Word. This malicious Word document is currently detected as Trojan.Mdropper.H.

The ConsortiumInfo.org Standards Blog: "Monocultures and Document formats: Dan's Bomb Goes Off"

