• silicon.com
• Technology
• Security

By Andrew Colley, 22 August 2003 08:07

NEWS Electronic Data Systems (EDS) Australia today refused to confirm or deny that the MSBlast worm burrowed into its network during its recent rampage across the internet. EDS spokesperson Brian Finn said he was forbidden to comment on the situation as it would constitute a breach of the company's security policy. "We don't comment in detail about the security status of our network," said Finn. The company would not deny that the worm had penetrated its network but limited its comments to a tight-lipped acknowledgment of the apparent increase in security threats circulating on the internet in the past two weeks and a statement carrying a claim that the company was prepared for them. "We work with all of our partners including Microsoft - with whom we're actually strengthening our partnership at the current time - to take precautions against those [vulnerabilities] and to continue to upgrade and monitor the network as required," said Finn. However, company insiders allege the worm managed to slither past EDS servers to infect a number of the company's desktops. Further casting doubt on EDS's claim, events leading up to and during the MSBlast's peak activity period indicated the technology service provider's mechanism for reporting vulnerabilities to its clients may have faltered. The Australian Taxation Office, one of EDS's largest clients, shut down its systems to patch security holes the worm exploits 13 August, almost a month after Microsoft issued a warning about the flaw 16 July. The allegation that MSBlast managed to breach EDS's security coincides with its announcement yesterday that it had completed a joint development with Microsoft for a technology that automates the roll-out and maintenance of Microsoft desktop software. Called, myCOE (my Consistent Office Environment), the 'zero-touch' provisioning technology allows EDS to distribute Microsoft software as a service on pay-per-installation basis. "Tasks for deploying Windows XP and Office XP that previously required manual intervention are now almost totally automated and can be completed in an unattended manner, making desktop deployment easier and more cost efficient," said EDS. EDS claimed it had created the first utility computing model for software. Andrew Colley writes for ZDNet Australia