Admins are shaking in their boots due to the MS09-001 patch

I have to talk about this because this is a big deal. According to Techworld, and I’ll quote:

“This one scares me – a lot,” says Eric Schultze, CTO of Shavlik Technologies. “It is a lot like Blaster and Sasser. It is the same exploit vector. If I am an attacker and I can touch NetBios then I can execute code with no credentials.”

[via Techworld]

Now, this is because of an update that came out a few months ago, MS08-067, which many people still haven’t applied to their systems. According to F-Secure, Downadup/Conficker has grown overnight by a million infected computers.

Now, why are they scared of the recent patch (MS09-001)? Because there are so many vectors of infection, and you don’t need any credentials. The virus does not need to know any passwords or user names to gain access. Just like the Downadup variant that is hitting the internet right now, this virus tries to access accounts by guessing weak passwords or even putting itself on flash drives or other mobile media to get other systems infected.

So why are admins scared over this new patch?

Most companies don’t patch their systems as quickly as Microsoft would like them to. You see, most companies have quite a few computers; depending on the size of the company, it could be quite a lot. So many, in fact, that it would take several IT personnel just to keep the systems going.

So why don’t they just put the new patches on the systems?

Whether a company updates its systems has a lot to do with its size and what it does. Some use really specialized programs or run a network that is vital. Even the smallest update to the system could bring the network or the program down. Most companies like to try a patch on a test machine for a while to make sure that it doesn’t prevent the business from doing business. Here are a few articles that prove why companies do not want to just install patches automatically:

Some companies are using older systems like Windows ME or other older Windows operating systems. There isn’t anything we can do about those, though, because Microsoft has stopped supporting them with updates. I know we are all thinking the same question:

Is there a way to fix the problem with Windows Updates?

I personally don’t have an answer, but I am sure hackers will find ways to exploit code so they can get on your system some way. I’ve recently read a story about Adware Author, and now I understand even more about why people do all of this.

This is one of the questions every admin has to ask themselves: how do we update all of the systems we are responsible for? There are no easy answers to this.

Patch list for Patch Tuesday January 2009

I just got the update on what will be patched and what I expect to be patched. Here is my list of what will be coming on Patch Tuesday, January 13, 2009:

  • Update for Windows Mail Junk E-mail Filter [January 2009] (KB905866) — Keeps those junk emails from getting into your system.
  • Windows Malicious Software Removal Tool – January 2009 (KB890830) — This is a usual thing for Microsoft and should not be messed with.
  • Windows XP Service Pack 3 (KB936929) — Changes were made to the metadata but nothing else.
  • Critical update — Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 and Windows XP Service Pack 3, Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2, Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2, Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems.
  • Moderate update — Windows Vista and Windows Vista Service Pack 1, Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1, Windows Server 2008 for 32-bit Systems, Windows Server 2008 for 32-bit Systems, Windows Server 2008 for Itanium-based Systems. (Windows Server 2008 Core Installation affected)

These were the only ones I could find that I expect to be deployed in the next Windows updates. I expect they are going to wait until the last minute to tell anyone about the really bad updates. When they become available I’ll let you know which ones and how quickly they need to be installed.

The Critical and Moderate updates from Microsoft are the same, but since the NT kernel is used for Vista and the servers, it isn’t affected as badly as the Windows kernel. I would guess it will be a core installation program that is the culprit, and Microsoft is going to patch it. I won’t find out about it till Tuesday, but Microsoft has said it will only be a few updates, so that is good. We will have to wait and see!!