Current worm warning should be taken very seriously, immediately

Summary:If you're like me, then you're probably one of those people who often procrastinates when Microsoft's Update component either tells you it has updates to install, or asks if you want to reboot now or later (after installing an update). Because of whatever applications I have open, what's going on in those apps, and what a pain it would be to get back to that state, the loss in productivity means that I can almost never afford to reboot when Microsoft Update wants me to.

If you're like me, then you're probably one of those people who often procrastinates when Microsoft's Update component either tells you it has updates to install, or asks if you want to reboot now or later (after installing an update). Because of whatever applications I have open, what's going on in those apps, and what a pain it would be to get back to that state, the loss in productivity means that I can almost never afford to reboot when Microsoft Update wants me to. Generally speaking, I file the thought away in my head as "I'll do it later, just before dinner, when I can gracefully shut all my apps down."  But then dinner comes, some of those apps are still running with half-completed work (eg: Wordpress with a blog post publishing form half-filled out and an an important item in the clipboard that I don't want to lose), and I don't reboot. This morning, Microsoft Update was nagging me again and I'm glad it was.

Compared to other nags -- even ones for viruses (I sometimes put those off too) --  this is one nag you don't want to procrastinate with.  The current round of updates includes protection for a worm that most security experts are saying is inevitable.  That doesn't mean its inevitable that you're going to get it.  That means the worm's existence --  in other words, its release onto the Internet -- is a sure bet.  Not that I'd suggest putting off updates that address viruses. But viruses, generally speaking, require some action on your behalf in order for you to get infected.  For example, opening an infected e-mail attachment or downloading and opening some sort of software from the Internet that hasn't been pre-tested for an infection can result in your own infection (one of the advantages of getting software from ZDNet's sister site Download.com has long been that all software is pre-tested: the tagline "Safe, trusted, and spyware-free" says it all).

As far as I know, it has been a very long time since any of my systems has gotten a virus and some of them don't even have anti-virus protection on them. One reason those systems are virus free (especially the ones without A/V protection) is that best practices can go a long way towards preventing infection. Although it's not a guarantee, I don't open e-mail attachments from just anyone and there are certain types of attachments I'll never open. I almost never open e-mail attachment by double-clicking on them. Instead, I detach them and will sometimes open them using a separate Virtual Machine-based instance of Windows XP that can afford to be infected. I also prefer to run at least some of my systems in a lesser privileged user (LPU) mode.  In other words, the user ID does not have administrative privileges which in turn raises another barrier to some viruses, which like other legitimate software, simply can't install themselves under the limited access control rights that are available to the LPU.

But worms are different.  You don't have to do anything for a worm to wriggle its way into your system. With no assistance from you, worms essentially find their way into your system through a backdoor and once they're in, devastation can follow.  Some of the worst exploits in PC history were worms.  Slammer, Blaster, Code Red, Sasser, and Zotob come to mind.  Not only can a worm do an incredible amount of harm to your own systems, it can deputize your system in an effort to spread itself to other systems, essentially turning your system into a Typhoid Mary. This is one reason why it's even super critical for businesses to patch their systems immediately because once a worm gets behind a company's firewall, there isn't much that protects the other systems on the network from becoming infected.

It's exploits like the expected worm that Microsoft considers to be so critical that, in the interests of protecting the Internet (which sometimes can be completely overwhelmed by the traffic that results from worms) as well as its legitimate customers, the Redmond-based software giant will even patch pirated version of its operating system just to keep the exploit at bay.  And anytime Microsoft is willing to patch even pirated versions of its software, you know it's serious. So, trust me on this one.  Right now, save all your work, copy whatever is in your clipboard to a Notepad or word processing file, copy any open URLs that you want to return to into that file as well, save it, and run Microsoft Update.  I know it's a hassle.  But it's nothing compared to the hassle you could be in for if you put it off much longer.

Topics: Malware

About

David Berlind was fomerly the executive editor of ZDNet. David holds a BBA in Computer Information Systems. Prior to becoming a tech journalist in 1991, David was an IT manager.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.