University of Chicago recommends all students patch Windows at least once a day

Bob Bartlett, Director, Enterprise Network Services & Security for The University of Chicago has posted the University’s “Policy on Windows Networking in the dorms.” It is illuminating, to say the least:

From: Bob Bartlett, Director, Enterprise Network Services & Security
To: 2004-2005 University House System residents
Date: September 8, 2004

Subject: Policy on Requirements for Computers on University House System Networks

Background:

As you may be aware, computers running Microsoft Windows are being broken into at a higher rate with each passing year. This is very much the case on corporate networks, but it can be an even larger problem for university networks, which tend to be more open to attack. The University of Chicago’s network is no exception. At Chicago, over 3,200 computers running some version of Microsoft Windows were broken into last year, and we estimate that the 2004-2005 school year will be even worse. Last year the most frequently compromised computers belonged to students in the University’s housing system, even though the computers in the housing system are a minority of the Microsoft Windows computers on the University’s network.

Networking Services & Information Technologies (NSIT) has done several things to try to mitigate the damage caused by worms and viruses that target Microsoft Windows, including blocking some traffic at the edge of the campus network. Unfortunately, in a network as large and as open as the University’s, this does little good. Once a single computer infected with a worm is brought inside the University’s network, the worm will run unchecked within the campus network. One compromised computer will turn into hundreds within a few hours.

Solutions:

The only two ways to solve this problem are to keep every Windows system on the network completely patched at all times or to put firewalls in front of every computer. While we strongly encourage all students to patch their Windows operating systems automatically at least once a day, NSIT has purchased a site license for ZoneLabs Integrity Firewall for Windows. This firewall will be distributed with the University’s Connectivity Pack v.11, and is available for download at https://firewall.uchicago.edu . There is no charge for this software.

Policy:

Starting with the 2004-2005 school year, for both your protection and that of the rest of the campus network, we no longer permit computers running remotely accessible Windows Networking services to use the networks in the housing system.1 Since the University has made this software available at no cost to all students, a firewall which blocks Windows Networking traffic will now be required on all hosts in the housing system This applies to computers running all versions of Microsoft Windows, and some systems running Mac OS X (those explicitly configured to share files with Windows computers).

More info here.

MacDailyNews Take: Patch Windows at least once a day?! So, multiple times per day would be better? How about doing it hourly? This isn’t a joke, it’s a nightmare, and it’s sad. Is this really any way to live your personal computing life? For our Windows-only readers, it’s time. There most definitely is a better way. For information about smoothly adding a Mac OS X machine to your computing arsenal, please click here.

Related MacDailyNews articles:
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
BusinessWeek’s Haddad gets it wrong; thinks low market share spares Macs from viruses – August 28, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Mac OS X has no viruses; what’s wrong with Windows? – February 11, 2004
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004
Gartner: Worms jack up the total cost of Microsoft Windows – May 07, 2004
Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected – June 26, 2004
Tired of patching patches to patch Windows patches? Writer suggests getting a Mac – August 03, 2004
Millions of Windows PC’s hijacked by hackers, turned into zombies; Macintosh unaffected – September 08, 2004
Security is top priority in Apple’s Mac OS X – September 12, 2004
Windows XP worm speaks to users as it deletes their files; Macintosh unaffected – September 13, 2004

33 Comments

  1. I estimated that I spent 8 hours a week troubleshooting my Windows PC, and this is after work time. That works out to 516 hours a year spent doing nothing but diagnosing, upgrading, fixing, troubleshooting, scanning/removing spyware, adware and malware, and of course reinstalling Windows. Now, keep in mind, I’m also an ISP Technical Support tech, so I’m helping to fix computers for 40 hours a week, anyhow.

    Since I switched to Mac, I think I have spent roughly 12 hours in 2 1/2 years doing regular maintenance, upgrades, patches, and general troubleshooting. I have never had a major issue requiring more than 15 minutes at a sitting to resolve. This is a HUGE difference. This isn’t scientific by any means…but it proves to me that switching to Mac made my life much easier, and I have been able to do more than I ever could on my PC, because I’m not constantly trying to fix my Mac.

  2. Reading the arcticle has me thinking about pc users, if their cars ran like their pc’s, would they want to keep them? Why keep going thru the stress of a wintel life, when there are several alternatives out there…mac, Linux, etc…!

  3. MDN – I hardly think ‘arsenal’ is the best choice of word for any collection of computers containing a Windows-based machine. Unless, of course, the unfortunate targets for such fire-power are owners themselves . I wonder if there is a better word… perhaps hospital?

  4. I remember at my university when the blaster worm hit the wireless network, it spreaded like wildfire.

    A bloke I live with is a post graduate Software Engineer. His windows box was infected with some virus that just spewed garbage over the network. He was actually threatened with expulsion if he didn’t clean it, or remove the computer.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.