Friday, August 22, 2003


Back in July, Microsoft discovered a vulnerability in Windows XP and 2000. It was a hole in the RPC (remote procedure call), a widget which is used in way too many things in windows. So this was pretty bad. They immediately released a patch for it. Server administrators everywhere scheduled patching and fixed their servers. Smart tech people updated their work and personal desktops and laptops. At the beginning of August someone wrote a virus and let it loose. So far nothing out of the ordinary. Nothing that hadn't happened countless times before. (NOTE: If you had patched your OS and had AV software running with current definition files then you ARE in NO DANGER whatsoever)

However even people's home machines use RPC calls (windows uses it to let you drag and drop on your desktop, for example) so they are vulnerable too. And the virus doesn't propegate via email so the network and server fixes put into place don't help keep people's home machines virus-free. So quite a few people's home machines have been infected with this MSBLASTER virus or variants of it.

A lot of those people (kids, students) came back to college today. And brought their infected computers here and hooked them up to our network. So word came down from on High to gather together all the technical people and send them forth into the wastelands to sheppard to the masses and disinfect their computers. So I spent all yesterday afternoon knocking on doors, taping up fliers telling them to get help and running fixes, patching OSes, installing AV software, etc. I won't say a few ideas here that I have which might have helped the situation before it turned panicky because others here have been lambasted for posting to blogs and it's not too cool to critisize people behind their backs, no matter how much we think they may deserve it.

But the situation didn't breach my number-one-rule-for-deciding-if-things-really-suck. I got to take a shower this morning so I'm golden (which doesn't allieviate my desire, nay right, to bitch about things in general!). And while we were out there helping the masses, networking gurus came up with a pretty good plan to fix things, or at least to make it more bearable until we get these kids fixed and set to autoupdate. (And for the record before I got my cable modem at home I didn't patch my OS either, a 40Mb download from Microsoft takes FOREVER over a 26.6 modem connection! <looks at MS for the lack of an easy way for modem users to patch OSes>

I wonder if I can convince anyone of the value of CONTINGENCY PLANNING?


Post a Comment

<< Home