Opinion: The Zotob attacks could have been prevented by proper Windows patching, or they could have easily been prevented for less by using Linux in the first place.
What do CNN, ABC, The New York Times and a lot of Fortune 500 companies all have in common?
Can you say "clueless Windows administrators"? I knew you could.
Zotob variants, todays Windows worm, are running roughshod over Windows 2000-based businesses.
The businesses being smacked by Zotob are a laundry list of some of the worlds biggest, best, and, when it comes to IT, dumbest companies.
First, theyre not the brightest bulbs because theyre still using Windows 2000.
In case youve been hiding under a rock, Windows 2000 support croaked on June 30.
Despite that, when I talked with some CIOs and CTOs in April, most of them were still using W2K.
Worse still, they had no plans to immediately switch over to XP or any other alternative.
Click here to read more from Steven J. Vaughan-Nichols about Windows 2000 support.
It wasnt just the people I talked with. According to AssetMetrix,
almost half of businesses were still using desktop W2K earlier this year.
Yes, Microsoft will issue critical security patches for W2K, but the company has also said that it will not be releasing any major security updates, a la XPs SP2, for W2K.
Read more here about updates for the Windows 2000 operating system.
Second, Zotob can be stopped in its tracks by anyone who simply installed the latest W2K patches.
Heck, Microsoft even warned everyone that big trouble was on its way for W2K users.
Youd think that anyone with half a clue would have spent this weekend patching their W2K systems. Obviously, many didnt.
Still, there were some mitigating circumstances.
First, Microsoft, for reasons the company still hasnt disclosed, reissued its initial security fix for three critical Internet Explorer vulnerabilities that had been corrupted in some instances in its initial release.
To read more about Microsoft fixing a glitch that blocked some users from downloading patches, click here.
And, lets not forget, that some third-party security applications were breaking because of the last major Windows 2000 update.
Dead in the water.