A good reminder why patch management is important!
I just got home from a whole weekend of working (almost around the clock) at a customer fighting a very nasty virus called WIN32/IRCBOT.RC (it’s called other names as well). The virus had spread around 1100 client systems and approx. 150 server systems. First thing I wondered is how the hell did this virus get in… it’s a pretty old virus which should be picked up by the virus protection and it should not spread among systems via the network, seeing as Microsoft put out a security patch for it. So I started looking around the clients and servers… turned out that the customer didn’t install ANY Microsoft updates at all after deploying the machines.
I ended up writing a very complicated computer startup script that would remove the virus from the clients… on the servers the script was manually started…
The customer was using Norman Anti Virus, which did detect the virus, but didn’t succeed in cleaning/quarantining it. First thing tomorrow they will start uninstalling Norman and start installing Forefront Client Security on the clients (which does actually cure the virus)
So this was a great reminder why we do patch management:
This whole drama could’ve been avoided when the clients and servers would be up to date with the latest security hotfixes from Microsoft.
August 24th, 2009 - 22:55
Here’s the problem: http://icanhascheezburger.wordpress.com/files/2009/08/funny-pictures-kittens-try-to-order-burgers.jpg