Skype Bug Triggered by 'Patch Tuesday'

Internet telephony provider Skype today placed at least part of the blame for a two-day outage last week on Microsoft's monthly patch update, which was rolled out last Tuesday.

In the latest update on the situation, Skype's Villu Arak said the disruption "was triggered by a massive restart of our users' computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update. The high number of restarts affected Skype's network resources. This caused a flood of log-in requests, which, combined with the lack of peer-to-peer network resources, prompted a chain reaction that had a critical impact."

Early on in the outage, some observers had speculated that Skype was under attack by criminals targeting a recently described denial-of-service weakness in the software that powers the network. Skype responded emphatically that the outage was related to a glitch in its software and was not the result of an attack.

Skype officials said the flood of reboot-prompted logins focused attention on a previously unseen software bug within the system component that tries to deal with unpredictable spikes in network usage, and that the problem has since been fixed.

A Microsoft spokesperson said last week's patch release -- fixing at least 14 vulnerabilities in its software -- was hardly out of the ordinary.

"Windows Update is a routine service Microsoft provides to its users to receive software updates, including last Tuesday's security updates, which were not unique," the spokesperson said. "As indicated in Skype's blog, their specific disruption was caused by a bug in their software."

By Brian Krebs | August 20, 2007; 4:49 PM ET | Misc.

Comments


Unnoticed in this is that Windows update required each computer to be restarted. I'm disappointed that after all this time they still can't roll out a major patch without restarting the computer (because they nag you until you do).

It's too bad the Skype users lost service, but how is their qa team going to simulate the effect of all of their users logging in at once?

Posted by: Hmmm | August 20, 2007 6:06 PM

more arrogance from Microsoft

Posted by: Dave | August 20, 2007 6:40 PM

They're MS boxes. They love to be rebooted. The only problem I see with the whole process is that somebody hasn't figured how to make the reboot process quicker.

Posted by: Ivan Groznii | August 20, 2007 6:51 PM

ROFLMAO! Us old-timers remember a similar phenomenon back in the '60s. Not with computers, obviously, but with water. Immediately after The Beatles' first appearance on The Ed Sullivan Show, all the folks 'goin to the can' at the same time caused a drastic drop in New York City water pressure. According to this 'urban legend' fire hydrants didn't have usable pressure for two hours.

Posted by: Keith Warner | August 20, 2007 7:38 PM

I'm sorry, but if I read between the lines, the blame lies squarely at the feet of Skype. Microsoft, whom I'm inclined to believe this time, did nothing out of the ordinary with this patch release.

Something obviously changed with respect to Skype. Either their number of users changed dramatically since the last "patch Tuesday", or they made a software change since then. I suspect the latter to be the case.

Posted by: Mike Wyman | August 20, 2007 8:40 PM

The SANS ISC diary has an interesting discussion of this:

http://isc.sans.org/diary.html?storyid=3292

"... The patch Tuesday theory doesn't add up. Why did it take 'so long' to have the failure? Why not last month? What about this [DDoS] Proof-of-concept? ..."

Posted by: antibozo | August 20, 2007 9:43 PM

Why does Microsoft's bad karma have to hit innocent people?

Posted by: Rick | August 20, 2007 10:15 PM

@Hmmm: the underbody of NT will not allow tampering with disk images of processes. The only way to update these images is to put them in queue for the next boot. You can discuss ways around this until we're all ready for bed but any which way you turn you're going to have a really shaky idea probably tripping over its own feet in no time. Say you kill certain processes in order to update their images and restart them again: can this be done across the board? And if these images represent services or drivers? OS X doesn't work like this but NT has always worked like this. Get over it - it's the way the system's security was designed from the get-go.

Posted by: Rick | August 20, 2007 10:19 PM

That story seems bogus to me. How has this month been any different than any other month of patches? Combined with that 'exploit' code from that Russian page, this smells like a DoS to me.

Posted by: wng_z3r0 | August 20, 2007 10:25 PM

Sorry, I think this one's on Skype. If they aren't ready for this, they aren't ready for prime time. I also think the headline for this piece should have been a question instead of a statement. And as far as I know, the reason you have to reboot after MS updates is so that the 'Malicious Software Removal Tool' can run on reboot.

Posted by: Jaxon Burgess | August 21, 2007 11:38 AM

Since Skype was aware that the problem they face is too many users trying to log in at the same time, it is rather strange that they had a recommendation posted at their site that users should keep Skype started and let it keep trying to connect to the network.
Wouldn't it be more logical to recommend that users stop trying for a couple of hours until everything gets sorted out?

Posted by: Igor | August 21, 2007 12:50 PM

Ed Felten has an interesting post about this today:

http://www.freedom-to-tinker.com/?p=1190

Posted by: antibozo | August 22, 2007 4:58 PM

My laptop would not restart after the MS install and I had to return home from a business trip and reinstall my system. Naturally MS would not accept any responsibility or admit the patch caused it. Thanks a lot.

Posted by: Mike Rolland | August 25, 2007 12:29 PM

"Hats off" to Microsoft for making your system problematic again! The problems with re-booting the system may very well be rooted in the "malicious software removal program" which I stopped using months ago. It was at that time that I stopped having all of the problems with each update! Customizing your updates is the only way to go, unless one wishes to use Firefox!

Posted by: Jake Miller | August 26, 2007 7:43 AM


©  The Washington Post Company