Microsoft confirmed Friday that source code from its well-worn Windows NT 4.0 and Windows 2000 operating systems had been leaked on the Internet.
Here are a number of steps you can take right now to reduce short-term risk to your systems:
Make sure that you’ve got all your systems on a network up to the most recent set of Microsoft hot-fixes. That’s easier said than done; you’ll need to ensure that the patches don’t break any of your current applications. For anything that is broken by the patch, you’ll have to make the call–is this important enough to the company to risk leaving systems open to attack?
Take a hard look at the types of network traffic you’re letting pass through firewalls; if it isn’t essential to a critical application, then shut it down.
If Microsoft is forced to pick up the pace of deploying fixes to security holes, then the task of manually managing the installation of fixes will become a major resource drain—and the longer it takes to roll out each new patch, the greater your window of vulnerability.
Baseline the types of traffic on your network now, and watch for spikes that can’t be explained by normal application usage. One of the latest known bugs in Windows, for example, exploit the Windows Internet Name Service (WINS)–a sudden peak in WINS requests might indicate an attack.
To read the full story, click here.
Subscribe for updates!