How IRS dodged bullet
- By Mary Mosquera
- Aug 22, 2003
While the MSBlaster virus wormed its way through computers this month, the IRS took out an insurance policy to protect its systems.
'We moved to fix systems before we had a problem,' said Jim Kennedy, IRS program manager for enterprise systems management. The service uses IBM Tivoli management applications to distribute software electronically to systems enterprisewide.
The worm, which exploits a vulnerability in Microsoft Windows, infects unsuspecting computers with code designed to launch a denial-of-service attack against a Microsoft Web site. The virus reportedly spread through more than 550,000 systems, according to Symantec Corp. of Cupertino, Calif., despite the availability of a patch from Microsoft Corp.
Instead of checking whether individual users were experiencing problems, Kennedy and his team used the Tivoli Software Distribution 4.1 product to blanket the tax agency's computers with the Microsoft patch and behind that Symantec's clean-up tool. 'If a machine is infected with Blaster, the software cleans it up; if not, it does nothing,' he said
Mary Mosquera is a reporter for Federal Computer Week.