Are You Part of the New Botnet?
In October 2008, Microsoft released an out-of-band update, or a critical update that is released outside of the normal update schedule. Well, for those of you who didn't update your systems, it might well be too late. The New York Times reports that this vulnerability is now being exploited and has already infected nine million computers.
What's going to happen if your computer is infected? Experts say that it will become part of a huge botnet; however, they don't know what that botnet will be used for. At the least, it sounds likely that your IT staff will be clearing up a mess with your computer, apologizing to your ISP, and attempting to get them to not classify all of your organization's outgoing e-mail as spam. A more serious prospect--it captures client information, like social security numbers, or modifies files, like your accountant's records.
My favorite quote from the article:
"I don't know why people aren't more afraid of these programs," said Merrick L. Furst, a computer scientist at Georgia Tech. "This is like having a mole in your organization that can do things like send out any information it finds on machines it infects."
Security researchers don't know who created this worm, but from their comments, they suspect that it was someone who knew what he or she was doing. - K
I would like to know about technology and what would keep our network safe.
Karen - A few other people chided me about not providing more information about what you should do. I hope that the update that I just posted helps.