You have to admire the speed and agility of the hacking community. On August 9, 2005 Microsoft announced the release of Security bulletin MS05-039 to fix a Plug and Play vulnerability in the Windows Operating System. A mere 5 days later Zotob.A was spotted in public looking for the vulnerability to exploit. 5 days. Come on lets get real here. Who has so little life that they are able to dismantle a vulnerability and create and publish the exploit in that short amount of time. It really has me thinking.
I have always understood the concept of taking on big challenges simply because they are there. Climb Mt. Everest because it is there! Run the rapids of the Colorado River through the Grand Canyon because they are there! Swim the English channel because its there! Create an exploit to a windows vulnerability because its there? It just doesn’t work for me. I can’t figure out why anyone would want to purposefully hurt other technology users. I suppose there are the technology Psychopaths and Sociopaths who find fame and personal recognition in creating discord and havoc in the world of Windows.
Some words to the wise. Patch your machines regularly. Use a tool Like MBSA 2.0 on your servers and then use Windows Server Update Services to push updates out to you machines. Learn how to effectively control the security of your network and exercise good group policy. You will be happier for doing it. I will dedicate the next weeks postings to a discussion of some of the tools I recommended here.
Patch now while you can. Don’t let this silly waste of time waste yours!