HOUSECALL information technology

WHAT WE DO

Technology ● Consulting ● Partnership

HouseCall is a leading provider of partnered information technology products and services for US Congress and commercial businesses. We handle all IT needs from desktop support and network/systems administration to web and software development.

HouseCall, LLC
25050 Riding Plaza
Ste. 130
Chantilly, VA 20152

email us

601 Pennsylvania Ave, NW
South Building
Suite 900
Washington, DC 20004
Phone: 202-905-2722
Fax: 202-318-3215

  • Apple Authorized Reseller
  • Polycom Certified Partner
  • Dell Partner
  • Lacie Partner

CONFICKER/DOWNADUP

Posted: Monday, March 30th, 2009

Organizations with whom we work have assured us that the patch necessary to  protect against CONFICKER/DOWNADUP has been updated to computers we support.  Antivirus software that is deployed and managed by the organizations we support should also further protect your computer.

Despite the protection that has been deployed, one potential vulnerability found is when staff introduce infected USB keys or external hard drives and iPods to the network.  If they do not have necessary protections on their home computers and they are infected, there is a chance the virus can be transferred to a removable hard drive and that hard drive could infect a work computer when it is plugged in.  We strongly encourage staff to be careful on their home computers, especially if there is a data thread that can link the home computer with a work computer by way of a removable storage device.  Please recommend your staff install the patch below on their home computers if the are Windows-based and to be careful with what they put on removable data drives.  I recommend that a removable drive only be plugged in when it is needed, to save or transfer a file from the computer to the device; then remove it immediately.  This won’t completely protect you, but it could minimize exposure.

Ideally, staff should consider not using removable drives with computers that are not on their work network or have not been configured to comply with their organization’s security, wherein we have a controlled environment. The exception is if they have assurances that the non-work computer is completely protected with bellwether antivirus, antispyware and firewall products.  At this time, even work laptops should be considered a risk unless they are on the organization’s network often enough to update remotely.  If you have any laptops at staff homes, may I suggest you ask them to bring them in so we can make sure they are up-to-date?

Patch for home computers: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Tags: , ,

Filed under Blog

Comments are closed.