[LINK] MS strikes again

Kim Holburn kim at holburn.net
Thu Jul 2 16:28:20 AEST 2009

One of the problems I have with this is that the hospital should have  
been able to schedule it's updates to a time suitable.  It also should  
have separated desktops, servers and dedicated systems and vital  
systems.  Both network separation and update times.

One of the issues with windows is that it's really hard to have a cut- 
down dedicated system.   You might want a system dedicated to run some  
vital piece of hardware but it's still running all the windows GUI  
including IE and can be used to surf the web in all the wrong places.   
Sounds like a disaster waiting to happen.

On 2009/Jul/02, at 1:16 AM, Jan Whitaker wrote:
> from another list:
>> I was listening to Steve Gibson and Leo Laporte in a recent Security
>> Now podcast, and they were discussing a situation in which the
>> Windows automatic update had shut down a bunch of computers in a
>> hospital operating room wing to do updates automatically...
>> unfortunately it was *during* active surgeries...  then the hospital
>> turned off the Automatic Updates feature of Windows and ended up
>> getting infected with a worm...
> Confick or Downadup Worm Can Be Squashed: By Common Sense
> <http://windowsitpro.com/article/articleid/101302/confick-or-downadup-worm-can-be-squashed-by-common-sense.html 
> >
> <http://enclavesecurity.com/blogs/kellitarala/2009/01/21/hospital-ignores-sysadmins-disables-windows-update-pays-the-price/ 
> >
> Hospital ignores Sysadmins, disables Windows Update, pays the Price

Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

More information about the Link mailing list