Welcome to the website of Tom Patterson,
helping companies and Governments around the world securely govern their
The Ultimate Game of Tag. You can choose to
Win or Lose.
1) The Internet is his spray paint.
2) The latest list of known vulnerabilities are his designs.
3) Your Company is his canvas.
The driving force behind this latest worm Sasser, seems erierly
similar to the graffiti tagging that goes on in cities around the
world. The stage is different, and the consequences more costly, but
the motivation seems to be the same: showing off.
Sasser, with all of it's variants, is the latest wake up call to be
given to corporations around the world. Patch your systems. I know
it's hard work, but taking the time to deploy a sensible patch
management system is cheaper and safer than dealing with the effects
of the next 18 year old German kid who wants to leave his mark on
Let's review. Microsoft announces a known exploit of it's systems,
and makes a free patch available that same day. Then the race
begins. The taggers must learn the exploit, write code to attack it,
spread it to a few people, who will spread it to more, and more, and
more until it finally gets to you.
And they have to do it before you download the patch and install it.
If you have only one system, there is no excuse not to patch. It's
free and easy, and you can set Windows to do it automatically on
your behalf. If you run a network of systems, there are costs
involved. First you have to test the patch to ensure that it has no
unintended consequences, then you have to distribute that patch to
all of your networked machines. Not trivial, but certainly
Don't get tagged. Patch early and often.
Tom Patterson is available to major media outlets to demystify the
threats by explaining in simple terms how they work, what the real
impacts could be, and what can be done about them.
See samples from Tom's upcoming book,
Mapping Security: Corporate Security
Sourcebook for Today's Global Economy