Recent examples include the continuing attack of the Blaster worm in all of its variations. Blaster takes advantage of vulnerable computers with the NT, 2000, and XP operating systems, and can turn those machines into zombies launching a coordinated denial of service attack on targeted networks. Other worms and viruses have also taken advantage of this security glitch for a host of other dastardly deeds. What is sad is that none of these attacks along with their incalculable damage need have happened, as Microsoft released a small patch to fill the security gap a full month before the first attack utilizing the flaw. Microsoft publicized the vulnerability and released the patch, and while millions downloaded and installed the patch, millions of others failed to do so in blissful ignorance, enabling Blaster and its cousins to wreak havoc.

It is also sad because most recent versions of Windows have the capability to periodically and automatically check for these updates. Quite some time ago Microsoft released a small, free utility for Windows 98 to enable automated notification of updates in Windows 98. Other more recent versions of Windows have the update feature integral with the operating system. Checking for updates can be simple. Many builds of Windows have the update service accessible by simply clicking on START – CHECK FOR WINDOWS UPDATES or some variation of the wording. Another simple manual method is to go online using Internet Explorer, and going to windowsupdate.microsoft.com. Regrettably, the former update site at www.windowsupdate.com is no longer available as it was an explicit target of the Blaster worm and Microsoft shut down that server to avoid the debacle of a denial of service attack. Once on the update site it may be necessary to download a small utility which will be installed on the computer. An automated system will search for available updates explicitly for the system being checked. Some updates are referred to as “Critical”, while others shown are labeled as minor or driver updates. It is imperative that users install the critical updates, as these deal with security issues and program vulnerabilities. Since Microsoft has been releasing these updates on a frequent basis, often several during any given week, it would be a good practice to check for these critical updates every day or two. Users with broadband access and later versions of Windows can have these updates automatically downloaded and installed by their operating system. Dialup users should check for critical updates as often as possible, and download at their earliest convenience. In Windows XP, the “Windows Update” may be found in the “Help and Support Center”.

Microsoft has a summary and information about these critical updates at www.microsoft.com/security. There is an easy way to be notified of these updates and patches when they become available. Microsoft is offering a free email service, linked from the security page, where security notices will be emailed as they are released. Anyone interested in system security, from individual home users to system administrators should subscribe to their free service. One warning, which is reiterated on the security page; Microsoft never sends out mass emails containing security patches, but several virus propagators do exactly that. Any such emails, appearing to be from Microsoft and containing an attachment purportedly a security patch, will likely be infected and carry a dangerous payload designed to ensnare the recipient into believing that these emails are authentic, enticing the user to run the attachment, thus infecting his machine.

There have been several recent security bulletins from Microsoft. Often these bulletins are announcing the availability of a new patch. Following are some of the most recent (as I type this) bulletins. MS03-038 is a security warning and patch rated as “moderate” for users of Access 97, 2000, and 2002 (XP). MS03-037 is a critical update and security patch to close some vulnerabilities in any program using “Visual Basic for Applications”, including almost all versions of Office products, Publisher, Works, and other Microsoft applications. Failure to install this critical patch could allow a hacker to compromise the system, and read or run files on the computer. It is a near certainty that somewhere some hackers are writing code to maliciously take advantage of this weakness on unpatched computers. MS03-036 is another warning and patch labeled as “Important” by Microsoft. This patch is for almost all versions of Office, Works, Publisher, and Front Page, and will close another vulnerability allowing unauthorized access and control of the user’s computer. MS03-035 is another patch similar to 036. MS03-034, rated as “low risk”, is a patch to close a security vulnerability in Windows XP, 2000, NT, and Server 2003. Other recent bulletins are MS03-033, a security update for Microsoft Data Access Components, and MS03-032 a “Critical” security update for Internet Explorer versions 5, 5.5, and 6.

I want to warn all readers of this column who are users of Microsoft products to frequently check for and install security updates as soon as they become available. Preventing security problems is far superior then being a victim.

For more information on the Tulsa Computer Society click here