InfobITS Logo ITS - Fall 2005
In This Issue QuickbITS Archives IT Directory Publishing Info
Timely Installation of Security Updates is Critical
to previous article to next article
by Jodi Ito

On Tuesday, August 9, 2005, Microsoft released Security Bulletin MS05-039 to secure a vulnerability in its “plug-and-play” (PnP) feature of its Windows operating system. Just five days later, the Zotob worm began spreading throughout the Internet using the PnP vulnerability. As a comparison, in 2004, the Sasser worm was released 18 days after the announcement of Microsoft's Local Security Authority Subsystem Service (LSASS) vulnerability. The time between public knowledge of a vulnerability and release of an exploit that takes advantage of the vulnerability is rapidly shrinking. It is more important than ever to ensure that security updates are installed immediately after they are released.

Over 250 computers in the University of Hawaii network were infected with the Zotob worm (W32/SDbot, W32/IRCbot or other variant of the worm). On many of the infected systems, the security patches had been downloaded but not yet installed.

Two things must be done to help prevent virus and worm infections:

  • Operating systems must have the latest security updates downloaded AND installed.
  • The current version of antivirus software must be installed and have the latest virus definition files installed. Every user must take responsibility for this.
to previous article to next article

Information Technology Services
Maintained by:
ITS Guide to Services
© 2005 University of Hawai'i
Last Updated: October 2005