Some say it is like MilitaryIntelligence
, incompatible stuff smashed together.
is a page focussed on improving security (allow legitimate access and reduce exposure to SocialEngineering
and other scams). It concentrates on common situations faced by users of Microsoft client software (the majority). It includes the task of SecuringWindows
I believe the IT community is not immune to being victimized, as indicated by various reports in the press in the past (e.g. within Microsoft many employee SQLserver DB were affected by a worm, months after the patch was released).
Major risks and counter measures
There's not a lot of point in listing these here. It will just be out of date and incomplete.
covers the above and more.
- Yes it is both incomplete and will be out-of-date. However as said in the beginning, lots of PC have not been patched months after exposure identified, so there is still value in listing the more serious (common and intense) exposures as these are identified and solutions found.
But they're already listed on that site! Run WindowsUpdate
Media Player DRM
reported in late 2004 about users of even WindowsXp
SP2 getting spoofed into allowing the download of fake Digital Rights Management material, MS said in Jan05 that it will provide a patch. See http://www.eweek.com/print_article2/0,2533,a=142839,00.asp
InternetExplorer users, upgrade to WindowsXp SP2 or switch to FireFox
This recommendation from a number of sites made after MS said no upgrades to IE available to users that do not use WindowsXp
does not support ActivexTechnology
, and is therefore touted as being more secure. It was claimed within a few days of FireFox
1.0 Nov2004 release, it has captured 3percent of browser market.
in SP2 release of WindowsXp
has low level changes to security zone architecture, making it more difficult for MalWare
to operate unchecked. This is the reason the IFRAME bug did not affect SP2 enabled machines. See http://www.windowsitpro.com/Windows/Article/ArticleID/44561/44561.html
Or consider MaxthonBrowser, if you want to stay with the IE engine
Anyone have comments on using MaxthonBrowser as IE6 substitute for intranets, in terms of compatibility and other technical risks?
Technology components that seem to be frequently affected by security problems
Server Message Block (SMB) for file sharing. Problems are just beginning?
which acknowledges MS05-011 that reported the problem area
What is IFRAME
Browser Helper Object(BHO) not all that bad
Reading Material (list updated by better material as they become spotted)
There exists a site that lists programs that might be running at startup, located at http://www.sysinfo.org
. This can be used to identify programs, including MalWare
, that are run on your own machine.
The latest seductive wrapper for a blatant virus. Another wrapper is pretending it's a bounce for an email you sent.
this is the latest version of security update, the "September 2003, Worm.Automat.AHB" update which eliminates all known security options on your MS Windows platform. It turns your computer into an SMTP server, scans your memory and drives for e-mail addresses, and sends itself to all of them. Then it takes a whack at your IRC, Kaazen, and your shared network drives.
It foils and mangles its headers each time to fool the less robust spam filters. Put another way, it installs a decade of spam technology to broadcast its malicious executable.
If you are stupid enough to think that MS would e-mail security patches, then you will not suffer as much as your electronic contacts, whose mail boxes will fill up with 1-10 copies of the "security patch" per minute.
3 years after the "I love you" worm, MS's installed user base can still
be relied upon to double-click anything in their mails that looks harmless or official. And MicroSoft
can still be relied upon to never close the simple loopholes in their systems.
Billy Gates why do you make this possible? Stop making money and fix your software!!
We could ask the big mail servers to start filtering this out instead of passing and wasting incredible amounts of bandwidth.
Thanks! I thought it was just some cool new MS scheme to propagate their patches from one computer to the next ;-)
I've always wondered why someone doesn't just write a worm/virus that exploits security holes such that it installs the patch for the security hole. Kind of like a vaccination.
AmigaComputer had one, but the leading virus scanners clobbered it for you anyway...
They tried that for SoBig?
. Aside from the ethics of such an act, the 'patch' ended up consuming more network resources than the virus.
Or so said the AntiVirus? industry. Biased?
Possibly, but also correct in that the anti-worm at least did some damage. It is believed that Welchia was the virus responsible for crashing the State Department's electronic system for checking every visa applicant for terrorist or criminal history.
No big loss, unless it actually was accurate, non-biased, and non-partisan...
Anyone have information on Secure Agent (CSA), a rebranded product from Okena acquired by Cisco? MS is claimed to use this as a dayzero attack prevention mechanism.
No worries, mate! Just upgrade to Windows 98 ^H^H^H2000 ^H^H^H^H^HXP ^H^H^HXP, ServicePackTwo?
and all your troubles will be fixed!
Pretty much the same for any operating system. Old versions don't get the maintenance.