There’s yet another Windows worm going around and causing IT workers grief. This worm uses a previously-patched vulnerability in Windows to spread itself around and clog up corporate networks.
This is another reason why not being part of the dominant monoculture is such a great thing. Mac and Linux users don’t have to worry about worms like that because the source code of their systems is under constant review and correction. Plus, they’re based on systems that have been designed to be run on networks since 1970 and are built from the ground-up with security in mind. The vast majority of Windows users run as full Administrators, opening themselves up to all sorts of problems. Of course, most Windows users have to run as Administrators because Windows software won’t run without full system access. Even games like The Sims 2 require users to become Administrators before playing. (Although I believe this was later fixed.)
Having your kids have to have low-level access to the system just to play a game is an example of why Windows is fundamentally insecure. Both Mac and Linux make users run under a limited user account and verify that they want to give a program permission to access the rest of the system. That sort of design should be the standard for Windows, but Windows hasn’t really shed it’s single-user roots yet – and that’s why the poor schmucks using Windows have to spend inordinate amounts of time running virus scanners, anti-spyware programs, and worrying about some drive-by download stealing their identity.
Windows Vista is supposed to fix many of these problems. Windows Vista is also a year off, and could be delayed even further. Meanwhile, everyone else has a sensible security architecture already in place and have significantly fewer vulnerabilities like the ones exploited by the Zotob worm.
No operating system is totally security, and security is a process, not a destination, but that certainly doesn’t mean that us Mac/Linux users can’t still get a bit of schadenfreude when the next big Windows worm makes the news…
