Posted by Monte Robertson on Mon, Aug 09, 2010 @ 07:18 PM
A week ago today, Microsoft released an out-of-cycle critical update patch that has drawn a lot of attention. This software security update has received a lot of attention because the exploit (computer security vulnerability), has gained traction on the Internet and large companies were affected.
Simply put, the exploit revolves around the shortcut links (.lnk files), the computer uses to take the user to a network share or launch a program for example. These malicious links can be put into documents by the attacker or spread via USB drives. The attackers can also spread the exploit by getting users to visit infected web sites, infecting many machines with drive by downloads.
Because the ease and criticality of this exploit reaching the Internet, it is important to download, test and deploy this computer security update as soon as possible, if not sooner, to all appropriate computers.
Speaking of Software Security Updates; tomorrow (8/10/10), Microsoft will release 14 updates patching 34 vulnerabilities in multiple products. We recommend downloading, testing and deploying the eight critical updates first because those have the highest risk. But don’t stop there because the remaining six important updates can be exploited as well. Getting infected seems to be getting easier and easier these days, especially for the common user.
It just a matter of a user effortlessly finding the wrong website, at almost any time, with the wrong permissions, or clicking on a bad link, or opening an unknown attachment to get infected. And all that is easier and more common than most people realize.
From the number of known vulnerabilities viewpoint tomorrow is the biggest computer security patch day ever. It comes right on the heels of a critical out-of-cycle security update.
So maybe you should take the day off from work and make sure your computers and servers are fully up to date. You didn’t have anything else to do, do you? Stay safe out there.
Security as a Service for Businesses who have better things to do. 303.232.9070
Posted by Monte Robertson on Thu, Jul 08, 2010 @ 06:24 AM
There are a number of vectors or paths that can lead to compromising computer security. Threats are sent to computers via email and instant messaging. Computer users unknowingly go out and get threats while surfing the Internet. There is the silent threat from disgruntled or greedy insiders. Finally there are threats delivered by plugging accessories into the computer. How well known are all these computer security threat vectors?
- Most people know that threats from Malware are often delivered by email. This is the oldest threat vector.
- Fewer however are aware that the delivery medium has now shifted to the web and more Malware is now delivered from the web than email.
- Very few know about or have considered the insider threat potential.
- Almost no one is aware of threats coming from USB devices, picture frames and other devices affected with malware from the Manufacturer.
Email security is getting better all the time. Given a good layered solution it is hard to get a virus attached to an email delivered. Most email threats now come in the form of links to malicious websites. Your email security solution provider needs to specialize in email security in order to have a chance to keep up with the threats to computer security from this threat vector.
People implicitly trust the Internet by clicking on links in emails or surfing fearlessly because they don’t know any better or realize that any site can be infected and dishing out malicious code. The majority of the threats today are delivered by compromised web sites dishing out malicious code. Like email security your web security solution provider needs to specialize in this layer of computer security as well.
The threat from disgruntled employees or employees trying to make a quick buck can be the most damaging and hardest to prevent. It is unfortunate that we also have to consider a threat from those who we employ and helping provide their livelihood. Steps in restricting access to resources, including servers, files, and intellectual properties may be considered as part of the computer security process.
If that weren’t enough USB devices, including free thumb drives given away at trade shows, picture frames and other USB connected devices are being infected with malware during the manufacturing process. Because so many computers auto run programs installed on these devices it is an attractive vector. Taking steps in removing the auto run command and locking down USB devices will become more popular and now is the time to get ahead of this computer security threat vector.
Computer security threats come in many forms and so should your proactive response. It takes a combination of security software & solutions, people and procedures to have a chance at staying protected these days. Think layers and stay safe out there.
Security as a Service for Businesses who have better things to do. 303.232.9070