MCA doing the right thing? regarding sasser

[Heckler]

This is a copy off silicon.com, a pc techie newsletter.

Sasser 'not our fault' says Microsoft

May 04 2004

by Will Sturgeon

As virus takes down UK coastguard...
The UK coastguard service lost the use of its computers and database-driven services for several hours after being hit by the Sasser virus - despite the fact a patch has been available for two weeks and further warnings from Microsoft were sent out last week.

As such the software giant says it is not to blame for this latest exploit of a vulnerability in its operating systems.


Coastguards were forced to revert to paper filing systems, telephones and other low-tech methods to keep the service going through the outage, though a statement from the Marine and Coastguard Agency said the virus wouldn't hinder the service's effectiveness as coastguards train for all eventualities, including loss of critical systems.

However, the Agency failed to return a call from silicon.com asking why a government-run public service, dealing with life or death rescues, had failed to apply a patch which had been available for two weeks on the Microsoft website.

The worm attacks vulnerabilities in Windows XP and 2000 operating systems. But Stuart Okin, UK security chief at Microsoft, said his company is not to blame even though it will doubtless be a target of criticism.

"This is the fault of the criminal who launched the attack," said Okin. "The blame lies squarely at the door of that individual."

However, he reminded those who would be quick to point the finger at Microsoft that the patch was available two weeks ago. "If users had applied the patch then they wouldn't be affected," he said.

"There are three simple steps users can take to ensure they survive such attacks," added Okin. "They can keep up with security updates, ensure they have anti-virus and the latest signature files and they have their firewall enabled. If users had done that they wouldn't have been infected by this virus."

The team behind the Netsky worm has already claimed responsibility for Sasser



<hr width=100% size=1><A target="_blank" HREF=http://www.beneteau-owners-association.org.uk>http://www.beneteau-owners-association.org.uk</A>

 

[IanPoole2]

Re: Microshaft patches

Nobody puts them on straight away - as patches normally the cock other things up.
It's difficult for the CG, on any crucial system they should have loaded the patch first onto a test system - run a gamut of tests and then if it works and does n't crash anything else - load it onto their live servers.
However - that all takes time and money - so they probably do what we all do - wait for somebody else to try it first.


<hr width=100% size=1>

 

[MainlySteam]

Re: Microshaft patches

/forums/images/icons/blush.gif We must be one of the first off the line triers then as we install any Windows security patches in the week they are released. Unfortunately I have never had a Microsoft security patch 'cause a problem which I would have thought worth passing on (just the occasional thing like the scrolling glitch recently, and those minor sorts of things) so am obviously failing miserably in my testing of them.

John

<hr width=100% size=1>

 

[Alex_Blackwood]

Re: Microshaft patches

I have my home PC (Running XP) set to alert me when any security patches are available from MS. Always install at first opportunity and never had any problems.
Would have thought that any organisation such as MCA would have IT systems management trained to sort out these problems.


<hr width=100% size=1>

 

[nordic]

Re: Microshaft patches

Its times like this I'm glad I still have my steam driven PC running Windows 98!

Not looking forward to the day I have to upgrade, but maybe by then MS will have sorted themselves out by then!

The driver and vehicle licensing system here in NI was also affected. What I cannot understand is what the systems managers of these large and complicated networks are doing - or not!

<hr width=100% size=1>

 

[nordic]

Re: Microshaft patches

Its times like this I'm glad I still have my steam driven PC running Windows 98!

Not looking forward to the day I have to upgrade, but maybe by then MS will have sorted themselves out!

The driver and vehicle licensing system here in NI was also affected. What I cannot understand is what the systems managers of these large and complicated networks are doing - or not!

<hr width=100% size=1>

 

[BlueSkyNick]

Re: Microshaft patches

In fairness to Microsoft - its not often I say that - Windows XP is designed with far greater security functionality designed into it than any of the previous systems.

Apparently, Bill Gates has only written a memo to all staff on 3 occasions, the most recent being to tell them that security must be inherent in everything produced by Microsoft.

They are very unlikely to sell you and I a system which is totally secure because the baddies are always inventing something new, hence the need to provide updates, ie patches, on a regular basis.

<hr width=100% size=1>As one bar of soap said to another - "That's Life Boy"

 

[jerryat]

Re: Microshaft patches

Hi!
Me too!! I download as soon as possible, usually within a day or so. Like you, the vast majority cause no problems and I'm much happier taking the protection offered, than risking feeling really p****d off 'cos I didn't!!

Good sailing!

<hr width=100% size=1>

 

[Birdseye]

Re: Microshaft patches

Come on Guys - this is the government we are talking about. No MCA officer will be individually allowed to download patches. Probably has to be done by some outside consultancy (big firm of beancounters?) and only when the head office director of IT has authorised action, three quotes been received, a purchase order placed etc. So about the same time scale as replacing a lightbulb, say?

Even had they not done the patch, how long does it take to download the removal tool from Symantec? 10 mins?

OK I might be exagerating, but do you think the individual desk officer would be allowed to update systems.

<hr width=100% size=1>this post is a personal opinion, and you should not base your actions on it.

 

[ex-Gladys]

Re: Microshaft patches

I think there's a lot of ignorance being displayed about company run IT systems, either private or public. I manage the service for a large local gov org (1800 desktops). Deploying a patch to that number of users is neither quick nor easy. For ease of admin, desktops are completely locked down, and even so some of the clever buggers find ways around and then complain when their PC don't work. Add to that management culture that doesn't accept any scheduled maintenance outages and you start to see the issues. I'm sure the MCGA like us are outsourced for IT support, and yes they will like us have gone through Competitive tendering. Govt no longer have to buy cheap we have to buy Best Value.

My IT service runs at fault rates of 60% industry (and I mean ALL industry) average at a cost of about 80%. So we have a cheaper, more reliable service. I'm sure MCGA won't be far off that as well. Also don't hear anybody bleating that some international banks have been wiped out.

By the way my team did the patching on 60 servers and 1800 desktops in 5 hours.

<hr width=100% size=1>Larry Botheras

Anderson 26 "Amber"

 

[BrendanS]

Re: Microshaft patches

As others have said, very different patching your home/office computers, to updating modern company network.

Many of these patches and updates can have problems on a big networked system, and not just from MS. They can receive hundreds, or even thousands in a week. These have to be installed and run and tested in a development or test environment that mirrors the live environment to some extent, with loads of different software operating systems and application software. Then transferred to a pre live maybe, which more accurately models scale testing of live environment, then to live. All of this has to be done in a way where changes can be rolled back if problems ensue, and probably many upgrades fixes and patches rolled out, so if there are problems, can take a long time with help from many software vendors to diagnose where the fault/problem is

It's a massively complex job in a big networked environment. The bigger the systems, the bigger the testing has to be. CG is quite a small system by comparison to say big banks, but won't have the same number of people to throw at it

<hr width=100% size=1>Catapultam habeo. Nisi pecuniam omnem mihi dabris, ad caput tuum saxum immane mittam.

 

[Nick_Pam]

Re: Microshaft patches

Here here Larry...
I look after a Microsoft software based government networks (slightly bigger at 150,000 seats!!) and it will take approximately 6 weeks to test every single patch against the gamut of applications that the department runs to make sure that it doesn't stop anything working.
Since the system pays out money, amongst other things, you can just imagine how loud the screams would be if we broke it!!!
Fixing my XP home machine, as someone else commented, is just about foolproof by using the built-in XP update tool.
Different beasts!!
Nick

<hr width=100% size=1>