Q

Figuring out a patch problem

We installed this Microsoft patch on our network last week, but since then the Nachi worm has been popping up in every workstation. What do you think is the reason?

Most likely, you have an infected machine or two somewhere in your network. This worm scans for vulnerable machines, and when it finds one it drops onto it a TFTP server. The TFTP server would then download the worm and your AV software would detect the file upon creation and generate a popup alert.

You need to ensure that you have re-booted each workstation after patching and scan each and every machine on your network to find those that are infected.


For more info on this topic, check out these SearchSecurity.com resources:
  • Best Web Links: Patches/patch management
  • Best Web Links: Microsoft security

  • This was first published in September 2003

    Dig deeper on Security patch management and Windows Patch Tuesday news

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close