If Tyranny and Oppression come to this land, it will be in the guise of fighting a foreign enemy
James Madison (American 4th US President (1809-17), and one of the founding fathers of his country. 1751-1836)

Friday, March 2, 2007

Geez talk about a slackin ass IT department...

I know this moniker should fall on the managements shoulder's alone, as anyone below that point is just following matter how much are waving, memos, and whatever other means of communication they have tried that has fallen on deaf ears. Corporations for the most part are known for this lack of concern for patches...not all...most. The goof of the year thus far goes to Turner Broadcasting System, which was hit by the RINBOT, due to a security hole in Symantec's anti-virus, that spread throughout the company. Could this have been avoided?...uhh...yeah...since Symantec was the anti-virus of choice there has been a patch for a security hole that the anti-virus package has since 05/2006. PFT...that is definitely some pie in the face on that IT department...and I am sure someone will be fired as a result. Here is more on the story, the flaw, and the bug. Let's hear what you have on this? Oh yeah...gotta love Symantec's take on this (I have to say that this is in no way a fault of Symantec...the darn patch has been out there for 9-10 months):
* This worm attempts to exploit a previously addressed vulnerability in Symantec Client Security and Symantec Antivirus, (SYM06-010; BID 18107); patches for the particular Symantec product vulnerability have been available since Thursday, May 25th, 2006. As a result, customers who have applied the patch in their environment are unaffected by the worm's attempt to leverage the Symantec vulnerability for an attack. Customers running Symantec Client Security or Symantec intrusion prevention (IPS) capable products are protected against all known and unknown exploits of Symantec Client Security and Symantec AntiVirus Elevation of Privilege (SYM06-010; BID 18107)via IPS signatures released on May 26th, 2006. Symantec highly recommends that users of the affected products patch their systems as soon as they are able to help avoid the spread of this particular worm family. If systems are infected with W32.Rinbot.L and this security patch has not been applied please read the document, Attempting to migrate from 10.x to a newer version fails after becoming infected with a worm which exploits SYM06-010. IPS signatures against all known and unknown exploits of the Symantec Client Security and Symantec AntiVirus Elevation of Privilege (SYM06-010; BID 18107) were released on May 26, 2006.

CNN parent hit by bot worm @ C|NET
A Bad Week for Symantec @ /.
New computer virus threatens biz nets @ CNN
Symantec Client Security and Symantec AntiVirus Elevation of Privilege @ Symantec THIS IS ABOUT THE FLAW THAT WAS USED TO GET PAST SYMANTEC'S ANTIVIRUS
W32.Rinbot.L @ Symantec
The SYM06-010 patch for Symantec Client Security and Symantec AntiVirus @ Symantec PATCH THAT HAS BEEN AVAILABLE SINCE 05/2006

No comments: