Array Systems Inc. (http://www.arraysystems.com/) - Recent newsmaker stories about Microsoft Windows security highlighted a recurring theme: computers used in the dynamic, connected world of the Internet need ongoing care and feeding. Just days ago this month, home PC users, businesses, and mobile laptop users were affected. In this case, the issue was an exploit of animated cursor files (typically .ANI files) that abused a Windows feature.
The impact potential was high; if attacked, most recent versions of Windows (2000, XP, 2003, Vista) allowed the bug to be used for remote code installation and execution without the user's knowledge. Under the right conditions, simply viewing a baited web page could set in motion the steps to infect the host PC with progressively damaging malicious software (malware). The malware could take many forms and operate stealthily, with users unable to detect anything unusual, which makes this particular infection damaging to Internet-connected PCs. At worst, your PC could automatically join a network of remotely controlled zombie computers, ready to perform additional malicious tasks against the connected world under remote direction. PCs left powered on and unattended for long periods, or in screen saver mode, could do a lot of downstream damage, switching to a more subdued, light-impact mode when the unsuspecting user returned to the PC.
This particular exploit was notable in that a variant was apparently identified and patched in 2005, with a second form of the exploit surfacing in December 2006. Further, the typical practice of using firewalls, anti-spyware, and anti-virus applications would not have prevented infection, leaving many users with a false sense of security. Reportedly, the exploit could occur whether you browsed the web with Firefox or with anything other than Internet Explorer 7 running in protected mode under Windows Vista (though Vista was not totally immune).
The good news: Microsoft has released several patch updates to correct this condition, available on the Windows Update website. This real-life technology drama may prompt a thought about your own situation: is now a good time to review my own procedure for ensuring a secure and sound computing environment in my company? It could be. Array Systems suggests that the following basic operational components be included in a security review:
Anti-Virus: Make sure you have recent versions and current definition (signature) updates. There are license fees/renewals with most products, which should be maintained or checked.
Anti-Spyware: Similar to Anti-Virus in function; ensure updates and versions are current for this tool to be effective. This can be part of a suite of defense products, all with the intent of providing added protection.
Microsoft Update: A free Microsoft web service that provides direct and concise access to software updates for Microsoft products (Windows, Office, etc.). You can set manual or automated updates, but you should understand the ramifications of each method.
Firewall: Hardware firewall devices are preferred, as some software-based firewall/Internet security products can be ineffective for certain environments.
Gateway/Content Filter: Hardware- and software-based devices which can provide active protection between internal users and the Internet, and also manage wireless, PDA/mobile users, remote access, etc.
In addition, there are behavioral (human factors) components that should be part of the security review, which do not involve hardware or software. For example, antivirus experts have noted that perhaps 35-40% of virus definitions/signatures are unavailable on average, due to delays in developing remedies or in detecting new malware exploits. Therefore, the habits and interaction patterns of users become a vital part of a security protection strategy, which might include:
Email: Don't open attachments or click on hyperlinks unless you are sure of the content. The same applies to web links embedded in email messages, and is independent of whether full-client applications or web-based browsers are used. Consider when to use email, or revise company policy to standardize its use.
Web browsing: Stay away from unknown websites. Websites are now the most common source of PC infection. (Even the official NFL Super Bowl website got infected most recently.) Spear phishing is particularly harmful in that it targets truly authentic-looking, legitimate websites, using well-written grammar and customer data, to lure the user viewing the website into infection.
Passwords: Maintain established complexity and change frequencies suitable for your environment. Like keys to locks, passwords are the primary mechanisms for controlling access to networked computers.
Remote access: Consider the method and management of outside access to company infrastructure. Who is permitted, how, and using what devices may be a part of the design.
Data management: Similar to remote access, consider the data involved. Allow only authenticated access to critical information, and actively manage where and how information is used if on portable devices or outside systems. Is internal business data stored permanently on portable devices? Are portable devices/laptops protected?
Security issues related to Windows fall under many names (beyond malware), covering hardware, software, network and user components too numerous (and specialized) to adequately address in this article. Terms such as IDS (intrusion detection), port attacks, phishing/spear phishing, rootkits, social engineering, spam, spyware, Trojans, viruses, etc. are but a brief sample of the keywords found in popular web searches. Each has deeper meaning and implications that could fill entire articles. Awareness, understanding, acceptance, and change are the steps toward action in the highly interconnected world of present-day secured computing. The fluid, interactive nature of the Internet will require a progressive response to maintain a trouble-free web experience.
Got a question? Need help? Please visit our website: Array Computer Network Support in Los Angeles. Ask a question at our blog site: AskSid.com. Email: skato@arraysystems.com. Call us toll free: (877) 412-7729.
Sid Kato is the president of Array Systems Inc. and author of the Daily Breeze "computer-wise" column. Array Systems is an IT Outsourcing and Computer Network Support company that aims to help small businesses throughout the greater Los Angeles area with all of their technology demands. In business for over 16 years, Sid knows where the pitfalls are.
Sunday, April 20, 2008