Early bird avoids the worm
Most federal agencies applied a patch for the vulnerability last month
The Internet worm affecting computers nationwide today has had very little impact on federal agencies because most of them applied the patch for the vulnerability last month when the Homeland Security Department's National Cyber Security Division first issued the alert, officials said.
The Blaster worm, also known as Lovesan, has been spreading rapidly this week. It takes advantage of a vulnerability in Microsoft Corp.'s Windows operating system that was discovered in July. The cybersecurity division, through the Federal Computer Incident Response Center (FedCIRC), warned of the vulnerability July 17 and provided information on Microsoft's patch for it.
"Our patch rates were quite good, as evidenced by the fact that today we've had only sporadic reports of impact at federal agencies," said David Wray, a spokesman for the department. "We appear to have done our job."
FedCIRC, which has long pushed to get agency officials to report on the application of patches, has a patch evaluation and dissemination service that lets federal systems administrators get information only on patches that are relevant to their networks. That effort appears to be paying off, Wray said.
The cybersecurity division includes the staff and responsibilities of the National Infrastructure Protection Center, and is responsible for information security analysis of federal agencies and the critical infrastructure of the entire country. The private sector, such as the Internet service providers, oversees much of that infrastructure, but the division keeps in close contact with those companies to monitor the worm, Wray said.
NEXT STORY: DOD board: Shift soldiers out of the office