The Joy of Linux 0
El Reg reports (emphasis added):
It’s been confirmed that more than 800 computers have been infected with self-replicating Conficker code. Insiders at Sheffield Teaching Hospitals Trust said they suspect many more machines are affected but have not been reported to IT.
The Trust told The Register it now has the outbreak under control and is engaged in “clearing up” remnants. Non-urgent appointments in the medical imaging department had to be cancelled while its computers were disinfected. A Trust spokeswoman said no other direct impact on patient care was known.
The decision to disable automatic security updates was taken during Christmas week after PCs in an operating theatre rebooted mid-surgery. Conficker was detected on December 29.
Of course, turning off Windows updates is a bad idea, because Windows security is so fundamentally flawed that fixing it is a career, not a task.
I set my Windows boxes to download updates and let me decide when to install them. That way, the updates can’t install themselves while the user is, say, committing surgery.
Running around and manually installing updates on 8,000 computers, either directly or remotely, would be a daunting task for the IS folks, but it sure would be better than rebuilding 800 computers that have been conflicked up.
