University of Chicago recommends all students patch Windows at least once a day

Bob Bartlett, Director, Enterprise Network Services & Security for The University of Chicago has posted the University’s “Policy on Windows Networking in the dorms.” It is illuminating, to say the least:

From: Bob Bartlett, Director, Enterprise Network Services & Security
To: 2004-2005 University House System residents
Date: September 8, 2004

Subject: Policy on Requirements for Computers on University House System Networks

Background:

As you may be aware, computers running Microsoft Windows are being broken into at a higher rate with each passing year. This is very much the case on corporate networks, but it can be an even larger problem for university networks, which tend to be more open to attack. The University of Chicago’s network is no exception. At Chicago, over 3,200 computers running some version of Microsoft Windows were broken into last year, and we estimate that the 2004-2005 school year will be even worse. Last year the most frequently compromised computers belonged to students in the University’s housing system, even though the computers in the housing system are a minority of the Microsoft Windows computers on the University’s network.

Networking Services & Information Technologies (NSIT) has done several things to try to mitigate the damage caused by worms and viruses that target Microsoft Windows, including blocking some traffic at the edge of the campus network. Unfortunately, in a network as large and as open as the University’s, this does little good. Once a single computer infected with a worm is brought inside the University’s network, the worm will run unchecked within the campus network. One compromised computer will turn into hundreds within a few hours.

Solutions:

The only two ways to solve this problem are to keep every Windows system on the network completely patched at all times or to put firewalls in front of every computer. While we strongly encourage all students to patch their Windows operating systems automatically at least once a day, NSIT has purchased a site license for ZoneLabs Integrity Firewall for Windows. This firewall will be distributed with the University’s Connectivity Pack v.11, and is available for download at https://firewall.uchicago.edu . There is no charge for this software.

Policy:

Starting with the 2004-2005 school year, for both your protection and that of the rest of the campus network, we no longer permit computers running remotely accessible Windows Networking services to use the networks in the housing system.1 Since the University has made this software available at no cost to all students, a firewall which blocks Windows Networking traffic will now be required on all hosts in the housing system This applies to computers running all versions of Microsoft Windows, and some systems running Mac OS X (those explicitly configured to share files with Windows computers).

More info here.

MacDailyNews Take: Patch Windows at least once a day?! So, multiple times per day would be better? How about doing it hourly? This isn’t a joke, it’s a nightmare, and it’s sad. Is this really any way to live your personal computing life? For our Windows-only readers, it’s time. There most definitely is a better way. For information about smoothly adding a Mac OS X machine to your computing arsenal, please click here.

Related MacDailyNews articles:
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
BusinessWeek’s Haddad gets it wrong; thinks low market share spares Macs from viruses – August 28, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Mac OS X has no viruses; what’s wrong with Windows? – February 11, 2004
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004
Gartner: Worms jack up the total cost of Microsoft Windows – May 07, 2004
Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected – June 26, 2004
Tired of patching patches to patch Windows patches? Writer suggests getting a Mac – August 03, 2004
Millions of Windows PC’s hijacked by hackers, turned into zombies; Macintosh unaffected – September 08, 2004
Security is top priority in Apple’s Mac OS X – September 12, 2004
Windows XP worm speaks to users as it deletes their files; Macintosh unaffected – September 13, 2004

33 Comments

  1. I really don’t know what the problem is. When Longhorn is released in 2030 it will be the most advanced OS available on the market. Viruses will still exists, but thanks to the new ‘Microsoft System Integrity Virus Definition Access, Execute & Incorporate’ application, which will only cost $99 per month to subscribe (subscriptions are the future you know) they will be eliminated before the cause any problems. Trust me, this thing is good.

    Anyway, until Longhorn is released, let me do a dance for you…

  2. So….. if you patch your WinDoze system…. that should take care of the current and past malware…. right ??

    But it does nothing for the malware you get today… correct ??

    A vicious cycle, to be sure….

    Why are so many people stupid enough to put up with all this ?

  3. Funny, last night at Monday night football:

    3 friends, and myself:

    One commented that he spent several hours earlier in the day completely wiping a HD and reinstalling XP. Essentially his home computer had been rendered unusable due to pop-ups and generally snail pace performance.

    One of the others who knows I use macs, stated to me: “You don’t get pop-ups do you?”

    To which I responded (with a smirk): “Nope, and no known viruses either.”

    The coup-de-gras, however, was at half-time when the host fired up his laptop to view the Bush/Kerry parody over at jibjab.com. I’m not kidding on this: The computer took almost the entire half to boot, and then launch IE! His comment, as to why it was taking so long, was something about his anti-virus software.

    It’s the Stockholm Syndrome.

    Zac

  4. Perfusionista…

    I still find it funny to see / hear Micro$oft AND security .. in the same sentence…

    Something about being an oxymoron….

    Fitting… dont you think…for all the morons who use Micro$oft !

  5. I run my anti-virus updates at least once a week here at work, if not more often. I would run my Windows Update too, if it weren’t for the fact that our IT guys told us to avoid it like the plague. ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />

    As I’ve told my friends on numerous occasions, it’s interesting to see that nearly all Mac users are also PC users. But nearly all PC users, particularly those that hate or refuse to try the Mac, have never used the Mac. Which group is more enlightened? ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

  6. [M$ should just start releasing patches in virus form and all the patching would get done automatically.
    LOL!!!!]

    But, what happens when M$ brings out Microsoft Windows Anti-Virus XP3 2005 in 2006?

    Will the virus killing updates kill the virus protecting updates? ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

  7. How many times can you have sex during the semester there? I bet they hand out 1 condom to. Remember if you are there to take it up the ass once a day then patch once a day.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.