Microsoft Corp. and its customers need to take joint responsibility for security issues such as the SQL Slammer worm, which brought down systems all across the world earlier this year, several large enterprises said here at the TechEd conference on Monday.
During an enterprise customer panel, Nathan Hanks, the managing director of technology for Continental Airlines, admitted that the worm hit the company hard as it brought down its gate check-in systems.
"We cannot have undocumented servers that are responding to anonymous queries on DDP that allow buffer overruns. CIOs need people in place to figure out why port 1434 is open on publicly exposed firewalls.
"If those ports weren"t open, slammers would be a non-event. We have MSDE on every single gate PC in our hubs. We immediately failed at putting people on planes. That"s the issue at hand. Microsoft needs to fix that, and we truly believe that they will," he said.