InfoWorld - Security Adviser: Conficker malware ups the ante

/Home/Internet Security: Blogs/Internet Security: InfoWorld blog/InfoWorld: Security Adviser 2009

Roger A. Grimes explains why keeping up to date with patches can mean the difference between a functional system and a playground for hackers

By Roger A. Grimes
JANUARY 16, 2009

I'm finding many Windows servers without the MS08-067 patch and no specific mitigations applied. There hasn't been a very large malware outbreak (a la Code Red, SQL Slammer, etc.) in a few years, and perhaps this could be leading to a false sense of security.

If you don't patch, the ever-transforming Conficker malware program could end up testing your security perimeter breach responses. Microsoft released the patch on Oct. 23, 2008, nearly two months ago. To remain unpatched at this point and time doesn't seem to be a great idea, but there are still plenty of vulnerable servers out there.

Click the URL above to read the full article