MSBlaster and help written “by nerds for nerds”

The last week or so has been a depressing one for advocates of
the Windows platform with lots of publicity surrounding the

W32.Blaster.Worm
that spread like wildfire amongst Windows PC’s
that hadn’t been kept up to date with security patches.

Whilst it was to be expected that many home users, particularly
those on slow modems, might not have downloaded the 30-odd patches
awaiting them on Windows Update, it was depressing to see and hear
publicly quoted companies losing mission-critical servers to this
worm. This is frankly unacceptable. It might be a “problem”
installing patches that require system reboots but this is nothing
compared to the havoc created when systems are taken down. There
really can be no excuse for systems departments in reasonable sized
companies not monitoring the security patch situation and planning
deployment of critical updates when they are released. After all,
in this case people had plenty of time to get updated, and what do
these people do all day anyway?

With all the furore surrounding the Windows worm, not much
mention was made in mainstream media of the
GNU
Ftp Server compromise
and so little was done to quiet the
crowing from the “open source” (in other words here non-Windows)
community.

Following on the heals of the original MSBlaster worm,

a new version is released
that works to patch the machines it
infects with the Microsoft patch leading to a situation of “good”
worms fighting “bad”.

Some security experts were puzzled as to why users couldn’t
seem to deworm their own machines. MSBlaster is not especially
difficult to remove.

But some users said that it was difficult to find any
understandable information about removing MSBlaster.

“These virus and worm removal advice I see are obviously
written by nerds for nerds,” said Paul Pacifico, a beauty supply
salesman in Brooklyn. “Most of the time I can’t ever figure out
what the hell they’re on about.”

Pacifico also said his computer was running perfectly today,
and a scan shows that it, too, was infected with the new
worm.

Another

critical update
was highlighted in the past couple of days with
an updated security bulletin. I have to say that I found it a
little difficulty working through all the technical blurb to find
out which version would apply to my PC in order to confirm that I
did already have the patch installed. It is unsurprising then that
some end users struggle with the “by nerds for nerds”
descriptions.

Microsoft clearly realise this and aside from “working on better
ways to release patches”, have
created
a more Joe Public site explaining how users can better protect
themselves.

“But I actually had one of our secretaries tell me today,
after I warned the staff about this antiworm, that she’d rather let
the new worm fix her home machine than to ‘have to fuss with all
this security stuff.'”

“I didn’t know whether to laugh or cry,”

confessed Godell
.

Hopefully the lesson going away from this will be that people
will pay more attention to keeping up to date with patches,
especially in mission-critical systems. I might say, though, that
I’ll believe it when I see it.