Critical Security Patch

Yesterday Microsoft announced an "out of band" critical security patch for all operating systems. This is a very unusual occurrence. Normally patches are released on a schedule and occur at regular predictable intervals.  Our patching systems are in sync with this schedule.

We will be attending an emergency conference call with Microsoft on the situation this afternoon. Not since 2000, has Microsoft sounded the alarm this loudly and we're definitely taking notice and action.

This patch will require manual intervention and we'll be working to deploy this patch as quickly as possible. Microsoft has indicated that the exploit for this is already in the wild and anti-virus vendors have not yet created protection against it.

As a result most systems will require rebooting for the fix to take effect. Please understand this is necessary to protect your business. We will make an effort to schedule this reboot with you.

In addition to protecting your own systems, I recommend that you do not allow visitors on your network for the time being. A visiting PC that is not yet patched and possibly infected could bring this worm to the inside of your network. If a visiting PC must access the network you should ask them for confirmation that they have installed the critical patch issued yesterday.

Also be careful with traveling laptops. We will detect and patch them, if they are joined to your domain, but to be safe I would consider them suspect and ask any of your roaming staff to be sure to visit http://windowsupdate.microsoft.com and install all available critical updated before coming to the office.