Q

Figuring out a patch problem

We installed this Microsoft patch on our network last week, but since then the Nachi worm has been popping up in...

every workstation. What do you think is the reason?

Most likely, you have an infected machine or two somewhere in your network. This worm scans for vulnerable machines, and when it finds one it drops onto it a TFTP server. The TFTP server would then download the worm and your AV software would detect the file upon creation and generate a popup alert.

You need to ensure that you have re-booted each workstation after patching and scan each and every machine on your network to find those that are infected.


For more info on this topic, check out these SearchSecurity.com resources:
  • Best Web Links: Patches/patch management
  • Best Web Links: Microsoft security

  • This was last published in September 2003

    Dig Deeper on Security patch management and Windows Patch Tuesday news

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close