♦ Password
♦ Mailsetup
♦ Info
♦ Workstations
  ♣ Linux
  ♣ MacOS
♦ E-Mail
♦ Chat
♦ Files
♦ Backups
♦ Printers
♦ Network
♦ Statistics
♦ Downloads
♦ Links
♦ Newsletter
♦ Submit
♦ Search
♦ Linux

  What happens if you don't update in time!
Security Posted by Fabian Wenk on Wednesday August 17, @02:28PM
from the keep-your-systems-up-to-date dept.
The Exploit for MS05-039 was improved in a very short time to a spreading worm in the wild. According to the article Worm strikes down Windows 2000 systems at CNN, many big companies got infected with the worm.

Why could this happen? Read on...

In my opinion it took two (three) things which happened (or not happened) so that this could take place:

  • 1. The computers in the company network were not updated in time. The MS05-039 patch was available since August 9.
  • 2. Employees bringing there already infected (and also not updated) notebooks from home into the company's network
  • 3. Employees can connect from everywhere (from a possible infected computer) through a VPN to the company's network and have unprotected full access to it.

Even firewalls blocking all the traffic on the "NetBIOS" ports can not protect companies from this kind of attacks (and down time) as long as they work irresponsible with their IT infrastructure.

It is very important, that every computer user and admin takes his responsibility to keep system up to date in time.

It is a good idea to subscribe to the announce mailinglists of the vendor/creator of the operating systems and applications you are using on computers you are responsible for, this will keep you informed about updates.

A good starting point with some hints would be on our security link list. If you are a user of our services and/or infrastructure it is also a good idea to subscribe to our Newsletter.

<  |  >


  Related Links
  • Articles on Security
  • Also by Fabian Wenk
  • Contact author
  • The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    © 2003 ISG, Departement Physik, ETH Zürich, <>