
Are you already vaccinated? And what about your computer?

With summer, the summer flu season is just around the corner, and with it the vaccination debate. We are seeing a similar development in the IT sector.
Raimund Genes, Trend Micro
June 2, 2016
Security
This text has been automatically translated from German to English.

Infections (in the form of malware or "exploits") are also wreaking havoc in the IT sector. And here, too, there is an equivalent to vaccination in the form of applying patches.

As with real-life diseases, however, there are also "vaccination laggards" in the IT world - with fatal consequences for themselves and others. Conficker (also known as Downup, Downadup, Kido and Worm.Win32/Conficker) can be described as the "flu of IT".

The computer worm has been around since 2008. It exploits a vulnerability in Windows (MS08-067) to spread over the network. Microsoft closed this vulnerability very quickly for all affected operating systems and provided the corresponding patches.

That should have made Conficker history. In theory.

... but unfortunately this is not the case. On the contrary, we are by no means talking about "trifles" here.

The Conficker Working Group continues to track the infection landscape to this day: according to the group, the number of infections is still in the tens to hundreds of thousands, depending on how they are counted, even today, eight years later.

Eight (!) years in which the vaccine, i.e. the patch, has been available! As with diseases, there are cases in the IT world that cannot or must not be treated simply with patches (medicine).

That makes vaccinating everyone else all the more important! After all, above a certain threshold of coverage this reduces the risk of infection for the unpatched (unvaccinated) systems to practically zero.

Unfortunately, the number of unpatched systems is alarmingly high. This means that they represent gateways for attacks. In other words, Conficker turns these unpatched systems into a kind of "bridgehead" from which attackers can attack other systems within the infrastructure at their leisure.

And eight years after Conficker, that borders on intent, to say the least - if not beyond ...

Unfortunately, this is not the only case that suggests widespread negligence in patching.

A more recent example is Stuxnet. While most people associate it exclusively with attacks on industrial controllers, Stuxnet exploited a whole range of vulnerabilities, including CVE-2010-2568 - a vulnerability that allows arbitrary code execution using shortcut files.

The coverage of Stuxnet was massive, yet this case shows that publicity does not necessarily lead to greater security awareness. Even today - "only" six years after Stuxnet - this vulnerability is one of the primary attack weapons on the Internet.

Many exploit kits, e.g. the widely used "Angler Exploit Kit", still use this vulnerability today. This clearly shows that "enough" PCs can still be infected even with these old exploits.

These two examples clearly show that there are unfortunately still (too) many "patch laggards". And the argument of a lack of time really doesn't hold water after six and eight years, respectively ... Unpatched systems are not only a danger to themselves - they also endanger others by serving as a bridgehead.

Therefore, here's an appeal: Applying patches (in a timely manner) is more important today than ever. Please do it! Today there are hardly any reasons not to patch! Thanks to virtual shielding, for example, it is now possible to provide adequate protection for critical systems immediately. This means that while the patch is being tested in peace, you are safe from the attack for the time being.

After a successful test, the patch is installed via patch management and the virtual shield is removed. For systems that cannot be patched, virtual patching may even be a permanent measure.

This means that there is no longer any reason to operate (Internet-accessible!) systems with these gaps.

Ultimately, it is like the flu and measles. One hundred percent coverage is not even necessary - as long as the unprotected remainder stays below a threshold value, everyone is, statistically, de facto protected.

Unfortunately, we are a long way from that, both in the case of diseases and in the IT world. And specious arguments unfortunately only help the disease or the "pathogens" here: the cybercriminals.
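The threshold argument made above (enough patched systems protect the unpatched ones too) can be made concrete with a small epidemic model. This is an added example, not part of the original article; `r0` (how many hosts one infected machine would infect if nobody were patched), the host count and the random-mixing assumption are constructed for illustration.

```python
import math

def herd_threshold(r0):
    """Patched fraction above which one infection causes fewer than one new one."""
    return 1.0 - 1.0 / r0

def attack_rate(patched_fraction, r0=4.0, hosts=100_000, seeds=10):
    """Fraction of the unpatched hosts that end up infected.

    Assumed model: deterministic generations with random mixing. Every
    infected host makes r0 effective contacts with hosts picked uniformly
    from the whole population; contacts landing on patched hosts are wasted.
    """
    susceptible = hosts * (1.0 - patched_fraction) - seeds
    if susceptible <= 0:
        return 0.0                      # nothing left to infect
    start = susceptible
    infectious = float(seeds)
    for _ in range(10_000):             # safety cap on generations
        if infectious < 1e-9:
            break                       # outbreak has died out
        # Chance that one unpatched host is missed by every contact this round
        escape = math.exp(-r0 * infectious / hosts)
        newly = susceptible * (1.0 - escape)
        susceptible -= newly
        infectious = newly
    return 1.0 - susceptible / start

def sweep(coverages, r0=4.0):
    """(coverage, attack rate) pairs for a list of patched fractions."""
    return [(c, round(attack_rate(c, r0), 4)) for c in coverages]

if __name__ == "__main__":
    print(f"threshold for r0=4: {herd_threshold(4.0):.0%} patched")
    for coverage, rate in sweep([0.0, 0.2, 0.5, 0.7, 0.8, 0.9]):
        print(f"patched {coverage:4.0%} -> {rate:7.2%} of unpatched hosts infected")
```

With these assumed numbers the threshold is 75 % patched: below it most unpatched hosts are eventually infected, above it the outbreak dies out after a handful of infections. Real networks are segmented rather than randomly mixed, so the figures illustrate the shape of the effect, not a forecast.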


Raimund Genes was CTO at Trend Micro.

