Don't be a turkey - patch that Windows vulnerability now

While Microsoft can write all the patches it wants, it can’t make users install them. But hackers can push

that button, which brings us to the gory little problem going on today with Win32/Conficker.A and a clock ticking toward Turkey Day. (Read more about the worm here.)

The Win32/Conficker.A malware infects computers across a network by exploiting a vulnerability in the Windows Server service. The lid is shut on Win32/Conficker.A, however, when users install patch MS08-067, which was released Oct. 23.

According to Microsoft’s Malware Center blog:

“[The worm] opens a random port between port 1024 and 10000 and acts like a web server. It propagates to random computers on the network by exploiting MS08-067. Once the remote computer is exploited, that computer will download a copy of the worm via HTTP using the random port opened by the worm. The worm often uses a .JPG extension when copied over and then it is saved to the local system folder as a random named dll.”

Users should be hyper sensitive to this warning. Microsoft is making a big deal about this and rightly so.

Plain and simple, installing patch MS08-067 now will guarantee that Monday, when work resumes at its normal pace, will be a pleasant and worm-free day.

Of course, the timing could have been better. Microsoft admits that reports of attacks were picking up over the weekend. It would have been nice to give IT an extra day or two to rush out the patch rather than waiting until Nov. 25 to again beg for users to patch. Clearly the attack aligns with the fact that hackers know most U.S.-based targets will be short-staffed or not even staffed over the Thanksgiving holiday.

Then again, attacks have been spotted and reported as early as Nov. 5.

Be upset with Microsoft (again), but don’t waver from the fact that networks without this patch are at risk of being compromised.

Microsoft reports calls to customer service from U.S. companies are picking up.

The company said most of the reports come from users in the United States, but also names other countries/regions such as Germany, Spain, France, Italy, Taiwan, Japan, Brazil, Turkey, China, Mexico, Canada, Argentina and Chile.

The company says some home users also are affected.

Visit the Microsoft Subnet web site for more news, blogs, podcasts. Also see:

Unified communications: Microsoft vs. Cisco vs. others10 questions for Small Business Server/Essential Business Server guy, Russ Madlenerall Microsoft Subnet Microsoft newsletter. (Click on News/Microsoft News Alert.)

Microsoft patents ... a mere 146 issued so far in November

Just How Dead Is OneCare, Really?

7 Keys to cleaning up Windows with Windows 7

17 job-hunting resources for Windows pros

Glenn Weadock on Windows Server 2008

Library of Windows management tools from A Better Windows World

Subscribe to

Sign up for the


Copyright © 2008 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022