Microsoft users warned to patch immediately
A security expert has warned that Microsoft users should patch immediately to prevent themselves being hit by a worm.
Following reports that a worm is hitting Microsoft Windows despite an emergency patch being issued, Chris Schwartzbauer, vice president of development and customer operations at Shavlik Technologies warned that patching should be done immediately.
Schwartzbauer said: “If companies have not yet patched against this vulnerability, they should do so immediately, rather than wait for the scheduled Patch Tuesday releases on November 11 - and then they should scan to confirm that the patch deployment has been successful.
“There is a great risk for companies that struggle to discover and secure all the systems that this worm could invade, due to the complexity of their networks, an over-reliance on manual processes, or even complacency toward the perhaps little-used older systems this worm targets, that may not be well monitored or considered critical.”
He explained that the presence of a Rootkit can make it extremely difficult for security software suites to detect as this one has the potential of infecting any PC on a network that has not been patched, while the user remains unaware of anything invading their system, giving it the room to spread across other unprotected PCs on the network.
Schwartzbauer said: “Further, while the initial worm may appear to target only Chinese language OS versions, it can be leveraged by many to develop other attacks that target other OS versions. If this worm is to be stopped in its tracks, administrators will not only have to deploy quickly but also confirm that all systems have been reached, that for example all unpatched laptops are detected as soon as they log on to the network.
“In a global economy, it is very likely that an organisation may have employees or business partners that utilise Chinese operating systems. If that machine has legitimate access to other software and systems, it could be a launching point for malicious activity.
“When Microsoft released the patch for this vulnerability on Oct 24 it was only the fourth time Microsoft felt it needed to do so outside of its regular Patch Tuesday schedule, suggesting that systems were generally becoming more secure and the days of highly destructive viruses and worms could soon be behind us. But the fact that they have chosen to do so suggests the potential for damage is significant underlining the requirement to be not only vigilant but also thorough with patch management efforts.”