MS Duck and Cover

By Sean Gallagher  |  Print this article Print


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

Microsoft confirmed Friday that source code from Windows NT 4.0 and Windows 2000 had been leaked on the Internet. Here are some steps you can take to reduce short-term risks.

Microsoft confirmed Friday that source code from its well-worn Windows NT 4.0 and Windows 2000 operating systems had been leaked on the Internet.

Here are a number of steps you can take right now to reduce short-term risk to your systems:

  • Patch everything pronto
    Make sure that you've got all your systems on a network up to the most recent set of Microsoft hot-fixes. That's easier said than done; you'll need to ensure that the patches don't break any of your current applications. For anything that is broken by the patch, you'll have to make the call--is this important enough to the company to risk leaving systems open to attack?

  • Tighten up your firewalls, both at the edges of your network and within it
    Take a hard look at the types of network traffic you're letting pass through firewalls; if it isn't essential to a critical application, then shut it down.

  • If you don't have patch management software, get it
    If Microsoft is forced to pick up the pace of deploying fixes to security holes, then the task of manually managing the installation of fixes will become a major resource drain—and the longer it takes to roll out each new patch, the greater your window of vulnerability.

  • Watch your network traffic like a hawk
    Baseline the types of traffic on your network now, and watch for spikes that can't be explained by normal application usage. One of the latest known bugs in Windows, for example, exploit the Windows Internet Name Service (WINS)--a sudden peak in WINS requests might indicate an attack.

    To read the full story, click here.

    Sean Gallagher is editor of Ziff Davis Internet's enterprise verticals group. Previously, Gallagher was technology editor for Baseline, before joining Ziff Davis, he was editorial director of Fawcette Technical Publications' enterprise developer publications group, and the Labs managing editor of CMP's InformationWeek. A former naval officer and former systems integrator, Gallagher lives and works in Baltimore, Maryland.

    Submit a Comment

    Loading Comments...