Network Defend

You may have heard about several new security exploits on the Internet during the last month. If not, you need to be aware that many of these new problems have begun to be exploited by various hacking groups across the web. They are rated at Microsoft’s highest alert level and can enable someone to take over your entire network, access your confidential data, or disrupt the stability of your system if you open certain email attachments or browse to certain web sites. The patches that mitigate these security holes in Microsoft Windows (2000, XP and 2003) have finally been released. If you do not have Automatic Updates turned on, you can get the patches manually by visiting Microsoft’s Update site at http://windowsupdate.microsoft.com/ and selecting the Express button.      

Be sure to reboot after the patches are installed. Then repeat the process immediately at least once to be sure that no additional patches are available. If there are, install the next set of patches, reboot, then check the Update site again. Repeat as needed until no additional available patches are shown. Some patches will not appear on the site until previous patches are first installed.

Remember that Microsoft releases critical patches on the second Tuesday of each month, so mark your calendars.

A word about Automatic Updates on Microsoft Windows.

If you run a very small office with less than 5 machines, and do not have any commercial level enterprise software running in a server environment, I highly recommend you enable Automatic Updates on all your workstations. You can do this from the Update site by clicking the reminder link on the right hand side. (Note: you will not see that reminder if Automatic Updates is already working.) Occasionally you will see a reminder in your task tray to reboot your machine - do so at your earliest convenience. Other than that the process is fairly painless and may help prevent most major security problems related to the operating system. This practice, when combined with safe Internet usage, a good firewall, AntiSpyware and AntiVirus protection, will mostly protect your small office.

If you run a larger office, or you have servers that provide advanced functionality to your office, or you run custom software, then it is generally better to turn off Automatic Updates on the clients and use a server based updating service such as SMS or WSUS so you can control which updates get applied to your computers. Control is important, as some patches have been known to cause problems with these larger systems. The process includes testing the patch before rolling it out to the entire organization to ensure your business critical systems are not “broken” by the patch. This is one of the services Network Defend can provide for you, feel free to contact us for additional information.

If you use Firefox or Opera, be aware that several critical security patches were released this week for both. We highly recommend that you get them patched before the exploits begin showing up on the Internet.

Finally, there have been some reports that these latest Microsoft patches are causing problems on a few computers. While some may feel that the cure could be worse than the disease, I still recommend that you keep current with all security patches. If you are concerned, see http://support.microsoft.com/default.aspx/kb/912812 for more information and suggested workarounds.