Fix Old Flaws to Stop New Attacks
In further confirmation that Internet crooks tend to grab for the low-hanging fruit, a new Microsoft report reveals that the most common browser-based attacks tend to go after old software flaws. Making sure you've closed those holes can go a long way towards keeping your PC safe.
Browser-based exploits form the basis for some of the sneakiest and most dangerous attacks out there today. Crooks insert hidden attack code on a hijacked Web site that searches for a software vulnerability whenever anyone views the poisoned site. If the attack code finds a flaw, it will attempt to surreptitiously download and install a Trojan or other malicious software. If an antivirus app doesn't manage to catch it, the malware gets installed with nary a clue for the hapless victim.
These drive-by-download attacks sometimes go after the latest software flaws, but as revealed by Microsoft's new Security Intelligence Report v7, most of the attacks against Windows XP go after old Windows and third-party software flaws going as far back as 2006. Of the top 10 attacks, only one was from 2009. That's good news, since it means that basic maintenance and security measures will go a long way towards keeping your PC safe.
These are the most common browser-based exploits, as determined from Microsoft's analysis of "data from customer-reported incidents, submissions of malicious code, and Microsoft Windows error reports."
Third-party software:
CVE-2008-2992 - flaw in Adobe Acrobat and ReaderCVE-2006-5198- WinZipCVE-2007-0015- QuickTimeCVE-2007-5659- Adobe Reader
Windows holes:
MS08-041- Microsoft Office Snapshot ViewerMS09-002- Internet ExplorerMS06-057- Internet ExplorerMS08-078- Internet ExplorerMS06-01- Microsoft Data Access ComponentsMS06-055- Microsoft VMLThe names here tell when the flaw was discovered (MS06 = 2006, for example), and as you can see, crooks love the golden oldies. Many of these attacks probably go after pirated Windows installs that never get updates.
Enabling Automatic updates in Windows will guard from attacks against any of the listed Windows flaws, and to protect against the third-party software flaws, make sure you have the latest software versions available. For vulnerable older software such as the vulnerable, three-year-old WinZip, that might require a manual version check and update. Or you can take the easy route and use the free Secunia PSI software, which will scan your system for outdated vulnerable software and provide simple links to update it.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
PC World
Powered by TwitterOn Twitter now
PC World
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
