Blasted

We took a family trip to visit relatives in New Jersey over the past few days. We brought my wife's laptop because mine has gone back to Dell for a repair of a broken trackpad. At home, all our client machines are protected by a firewall. I'm also fairly diligent about keeping the anti-virus software and critical system patches up to date... but my wife's laptop is a special case. I try not to touch it unless I really have to; and since the firewall protected her against the MSBlaster worm I didn't happen to bother going in and installing that particular patch. Well, on the road there's no firewall for protection from attack when we dial into the ISP account, but the anti-virus software should at least protect the machine from a full-scale infection... except I had disabled the automatic updates of the virus patterns when my wife took the laptop away over the summer, and had forgotten to re-enable it when she came home. Oops! Within less than ten minutes of connecting to a dialup account, the machine was attacked and successfully infected by MSBlaster. I had to spend the better part of a day first getting a personal firewall activated on the machine, then getting the latest virus patterns downloaded, then booting into safe mode to run a full virus scan, then getting the latest Microsoft patches downloaded and installed.

Lesson learned: Never take a laptop off premises without first updating the critical patches and the virus patterns. Never!

Lesson two: It might be a good idea to reconsider the policy of not touching my wife's computer unless I really have to. It's definitely a lot easier to deal with the question "what did you do to my computer last night?" every few weeks than it is to deal with "why is there a virus on my computer?" even once! After all, that's how I would treat a CEO's computer.