Patch practices fail Blaster test

The long list of casualties hit by the W32 Blaster Worm has once again proven IT managers are struggling to securely maintain their systems and keep patches up to date.

If Blaster was a test then IT managers failed miserably, but sadly the rampage was all too real as the victims of more than half a million computers running Windows will contest, especially some of Australia's largest companies which were crippled by the worm.

Astounded by the devastation of the aftermath considering Microsoft posted a software patch to fix the flaw on July 16, the Australian Computer Emergency Response Team (AusCert) general manager Graham Ingram said he was "surprised that IT managers were surprised".

He said there was plenty of warning with even the worst-case scenario of massive exploitation well articulated in advance of the attack.

"The whole nature of the threat was missed because the focus is on technical issues instead of security; patch models currently in use are not workable," Ingram said.

"IT professionals are responsible for maintaining security alerts, there is no shortage of information; it is not a difficult task and no one else is going to do it."

Information Security Interest Group (ISIG) chair Mark Ames agrees current practices are failing pointing out there are options other than patching 3000 desktops.

Ames said firewall and gateway controls can be used to block a particular string of packets.

He said complaints by IT managers that it takes time to test each patch before deployment is a "lame excuse".

Companies hit by the worm said patching hundreds of servers and thousands of workstations takes a lot of effort that involves scheduled downtime which is why the process needs to be reduced from hours to minutes.

Ironically, a new version of the W32.Blaster worm has emerged which cleans corrupted systems, then installs a software patch to prevent future infections.

Referred to as Worm_MSBLAST.D and Nachi it spreads by exploiting the same Windows security hole as the original.

However, unlike the original it is more concerned with fixing systems rather than exploiting their weaknesses by removing the Blaster worm file, downloading and installing a software patch and closing the security hole used by the worm. w - with Jaikumar Vijayan

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Sandra Rossi

Show Comments



Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?