ALERT

The Ultimate Game of Tag. You can choose to Win or Lose.

1) The Internet is his spray paint.
2) The latest list of known vulnerabilities are his designs.
3) Your Company is his canvas.

The driving force behind this latest worm Sasser, seems erierly similar to the graffiti tagging that goes on in cities around the world. The stage is different, and the consequences more costly, but the motivation seems to be the same: showing off.

Sasser, with all of it's variants, is the latest wake up call to be given to corporations around the world. Patch your systems. I know it's hard work, but taking the time to deploy a sensible patch management system is cheaper and safer than dealing with the effects of the next 18 year old German kid who wants to leave his mark on the world.

Let's review. Microsoft announces a known exploit of it's systems, and makes a free patch available that same day. Then the race begins. The taggers must learn the exploit, write code to attack it, spread it to a few people, who will spread it to more, and more, and more until it finally gets to you.

And they have to do it before you download the patch and install it.

If you have only one system, there is no excuse not to patch. It's free and easy, and you can set Windows to do it automatically on your behalf. If you run a network of systems, there are costs involved. First you have to test the patch to ensure that it has no unintended consequences, then you have to distribute that patch to all of your networked machines. Not trivial, but certainly manageable.

Don't get tagged. Patch early and often.

Tom Patterson is available to major media outlets to demystify the threats by explaining in simple terms how they work, what the real impacts could be, and what can be done about them.