MySQL Worm and Microsoft

I am a big fan of Robert Hensing's blog, which details his dealings with security problems in the Windows world. He's got strong opinions, but he reports really interesting details about fighting the good fight on the Microsoft side of the world.

So I was fairly surprised when his post about the new MySQL worm on Windows started with this sentence: "So it seems that there is a new MySQL bot that is spreading to Windows machines running MySQL with weak SA (or whatever MySQL's equivalent is) passwords." If the head of Microsoft's incident response team can't be bothered to even learn the name of the feature that is causing the problem, just because it isn't a Microsoft product, that doesn't instill a lot of confidence in their ability to work well with the community.

Robert probably didn't mean to sound that way, but he should probably realize that, as a public face of Microsoft's security team, it might be better to at least pretend to care what other people are doing and how they do it.

Get In Touch