Dear Hyper-V fans, I'll take that apology now.
[UPDATE] Systems that don't have RDP enabled aren't vulnerable to this RDP worm.
If you used VMware, you wouldn't have to reboot your vulnerable systems after patching for the RDP Worm today. Sure, you'll still have to patch all of your Windows VMs that ride on top of your VMware hosts but at least you don't have to patch and reboot the VMware host systems. Wait, I think I actually might have mentioned this very possibility in my follow-up article to the Great Debate: Hyper-V vs. VMware with Jason Perlow.
I don't like having to say, "I told you so" but I really did tell you so.
Let me post my exact quote from that follow-up just so I can read it again:
Windows Security - Oxymoron Time
Unless your name is Rip van Winkle, you know that Windows is, shall we say, light on security. There’s a good reason why every other major hypervisor is Linux-based in some way or another: Security. That isn’t the only reason but it’s a darn good start. Plus, how many reboots of your Windows host will it take to continuously patch? Can your production environment withstand the downtime?
Additionally, when your Windows host becomes infected with a worm or virus, how many VMs will it take with it? Answer: All of them.
Now's your chance to answer my question, "Can your production environment withstand the downtime?"
While you're patching, rebooting and making excuses, I've compiled a short list of resources to help you through the pain you're currently feeling.
VMware's Phone Number: 1-877-486-9273
I hate worms, viruses and Trojan Horses because I think that the people who write them have nothing better to do with their time and it's a tremendous waste of resources for companies who are innocent. It just causes loss and grief. It's malicious and pointless.
And, all of the due diligence in the world won't protect you when this kind of thing happens. Well, aside from choosing a technology that you know has these kinds of vulnerabilities.
By the way, in case you're wondering, yes, this is going to wreck MY weekend too. And, it's the beginning of Spring Break for my kids who had hoped to spend some quality time with both of their parents.
Now, how did that process go again? Oh yeah, "Patch. Reboot. Pray. Patch. Reboot. Pray. Lather. Rinse. Repeat."
[UPDATE Addition] I still recommend patching your systems on their next patch cycles whether RDP is enabled or not.
See Also:
Exploit code published for RDP worm hole; Does Microsoft have a leak?
Microsoft warns: Expect exploits for critical Windows worm hole