Agreed, patch and update those signatures. If MS is this concerned it should give you a clue as to the severity of the attacks they've been observing.
One of my other quotes, which didn't make the article, was along the lines of hoping that a worm wouldn't spread to much because hopefully not to many people are using computers that are directly connected to the net. However I have seen it quite a bit.
I think one of the places that this will be a problem is college / university residences... many of them forbid NAT devices in front of your computer.
XP SP2 turns on the firewall and blocks this by default...no?
People want to share files and run bittorrent clients (which test for them to have an open port in many cases). Disabling the windows firewall is extremely common.
I spent almost 2 years doing student support... and XP SP2 came out during that time... I'm willing to bet for every 100 students we saw, maybe 5 of them had the firewall turned on.
I tend to do that.... I ama 1 and 0 kinda girl.Quote:
That it does... but you're thinking way to logically.
specifically when assessing a threat...as to run around and apply patches untested to a production environment is risky to say the least and I like to see what the mitigating factors are before I patch.
I have seen some hasty patches totally fubar a server \application....
I err on the side of caution usually :)
Ports 138 139 and 445
t34b4g5: Neg posted that on the third post.
SirDice: Good point
morganlefay: I believe SirDice was getting at the fact that your subnet is going to be scanned before it starts randomly scanning the internet, and your subnet is where it will find most of it's victims
C:\Saw: I doubt that it's a majority yet :), but either way I've found that most OS X users tend to be running Windows along side of it because OS X doesn't do everything they need it to do.
HT...I know what Sir Dice was saying.....but if all the workstations are patched ...how does the worm get into the subnet...rogue laptops...dont have any. Unauthorized access to the network...not likely
All I am saying is there is now way in hell I will patch my server until I am confident it not going to break something.
Browsing the forums as we speak...looking to see if there are any issues with applying the patch in my environment.
All the workstation have had the update pushed on them ....
actually ....I had an issue with my laptop after the patch was applied...it knocked out both my nics....until I logged in with admin priviledges...and the patch was then fully incorporated....nics came back on line... Logged back in with the limited account...and voila..both nics worked again.