MS Duck and CoverBy Sean Gallagher | Posted 2004-02-13 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Microsoft confirmed Friday that source code from Windows NT 4.0 and Windows 2000 had been leaked on the Internet. Here are some steps you can take to reduce short-term risks.Microsoft confirmed Friday that source code from its well-worn Windows NT 4.0 and Windows 2000 operating systems had been leaked on the Internet.
Here are a number of steps you can take right now to reduce short-term risk to your systems:
Make sure that you've got all your systems on a network up to the most recent set of Microsoft hot-fixes. That's easier said than done; you'll need to ensure that the patches don't break any of your current applications. For anything that is broken by the patch, you'll have to make the call--is this important enough to the company to risk leaving systems open to attack?
Take a hard look at the types of network traffic you're letting pass through firewalls; if it isn't essential to a critical application, then shut it down.
If Microsoft is forced to pick up the pace of deploying fixes to security holes, then the task of manually managing the installation of fixes will become a major resource drainand the longer it takes to roll out each new patch, the greater your window of vulnerability.
Baseline the types of traffic on your network now, and watch for spikes that can't be explained by normal application usage. One of the latest known bugs in Windows, for example, exploit the Windows Internet Name Service (WINS)--a sudden peak in WINS requests might indicate an attack.
In the channel, HP, Inc. is a storied vendor that has relationships...