Does Microsoft Show Hackers How To Attack?

By: OM THAKUR
Submitted: 2008-02-19 01:14:18
Print this article | Tell a friend | For publisher | Social Bookmarking
Rating:
 

After another security hole recently surfaced in Microsoft's Windows operating system, the software giant released a patch this past Friday to plug the possibly devastating "back door" which allows hackers to potentially seize control of any pc running Windows.

The latest threat, "Download.Ject," infiltrates computers after users surfing with Microsoft's "Internet Explorer" web browser visit websites infected with the virus.

This newest security patch covers Windows XP, 2000, and Windows Server 2003.

Several factors make this latest development more disturbing than past discoveries of security problems with Internet Explorer, currently the most dominant web browser on the market.

First, it demonstrates very clearly that criminals discovered they can use the power of viruses to very profitably steal important bank, personal, and credit data from people on a large scale.

Second, it took Microsoft what many would consider a very long time to come up with a patch for this problem.

Before a fix appeared, Microsoft told everyone who uses Internet Explorer to stick their finger in the dyke by putting their web browser security settings on high, rendering it impossible to view or use features on many websites and web-based services.

Third, expect this to happen again as new holes open in the future when Microsoft makes Windows more complicated, adds layers of code, and generally makes the operating system more complex.

This may sound like business as usual, however, I think this story actually points to a much deeper problem, one for which I'm not sure a simple solution exists.

Though free and reasonably reliable, many people do not automatically update their Windows operating system through the update service on Microsoft's website. (I won't even get into how many people don't operate up-to-date anti-virus protection.)

Whenever Microsoft publishes a security update, especially for a highly publicized and obviously widespread security breach, thousands of people will not immediately download the update.

In fact, tens-of-thousands of users will not download these security updates for days, weeks, even months (if ever).

So let me ask what seems like a very elementary question: By publishing security updates that point out very obvious flaws in their system, doesn't Microsoft also point the way to exactly where the holes exist?

Let me put it another way.

Doesn't this rate the same as discovering that the local bank vault won't lock and then announcing the details on the front page of the paper along with the dates and times no bank guard will be on duty?

After all, if tens-of-thousands of users won't immediately get the Microsoft Security Patch, don't those patches show hackers exactly which holes get plugged (and which, logically, must already be open without the patch)?

It doesn't take a hacker with more than a basic set of skills to recognize where and what holes got fixed and then reverse-engineer how they can get into computers that don't get updated.

Now, do I have a concrete, 100% bullet-proof answer to this problem? Unfortunately, I don't have more than a common- sense answer...

At this point, your best defense rates staying current on the latest threats and how to defend against them.

Keep your anti-virus software current, your firewall up, and your Windows software updated with the latest security patches.

Though not a perfect solution, at least you'll have a fighting chance to prevent, or at least minimize, any possible threats.

For More Free Resources visit www.greateducationonline.com

Article source: Expert Articles

Most Recent Articles in Security category

  • CyberSecurity: One Rogue Program That May Not Increase Your Security - By: Wayne Davis
    What is a rogue antivirus program? What does it do? There are a lot of questions surrounding these programs, and it is essential you have the answers you need. How do you know if you have a rogue program, like CyberSecurity, installed in your system? Find your answers here so you can better protect your computer.
  • Malware Defender 2009: Discover What's Hidden In Your System - By: Wayne Davis
    Everyone wants to protect their computer and data, but no one needs the aggravation of dealing with a rogue antivirus program. These use tactics such as flooding your system with pop-ups and false scan results in order to encourage you to buy their full software. Unfortunately, this software is ineffective and expensive. Learn how to recognize these programs so you can keep your computer in top running shape.
  • Doctor, Doctor, What's Ailing Me? It Might Be Malware Doctor! - By: Wayne Davis
    Lots of people are worried about computer security today, but there are several programs out there that suggest they can provide the security you need, yet aren't able to live up to their claims. Malware Doctor is one of those programs, and if you find it is installed on your computer, your best bet is delete it as soon as possible.
  • How to protect your PC against Malware - By: Wayne Davis
    Almost as long as people have been using the internet, they've encountered malware problems. Malware is the combination of the words 'malicious' and 'software,' and in most cases, it is able to enter a user's computer even without their knowledge or consent. Unfortunately, it can have quite a few consequences on your computer, so there are several things you may want to do to protect your PC against Malware.
  • How To Protect Your PC Against Rogue Antispyware - By: Wayne Davis
    An increasingly common problem, rogue antispyware programs use a computer user's vulnerabilities and fear of hackers gaining access to their computer to sell their products. They claim to offer protection when in reality their software has entered your computer at the very moment you thought you were being protected. The word "spyware" automatically brings visions of espionage and intrigue to mind, so it strikes a measure of fear with good reason. There are always those unscrupulous types of people who are forever trying to dig their way into your informational database to "spy" on your activities and steal your valuable data. It would only be reasonable to assume that "anti" spyware often completely necessary. Unfortunately, because of rogue antispyware programs, this isn't always true.
  • How to Protect your PC against Hackers - By: Wayne Davis
    Within the world of computing, there are those who study systems, networks, and programming extensively to further the field of computer science. Unfortunately, there are those who study those same areas to take advantage of other computer users. Dubbed 'hackers,' these individuals can create problem programs, take control of networks, and cause all sorts of difficulties for users. Fortunately, there are a number of things you can do to protect you PC against hackers.
  • Who Can Be Trusted with Your Internet Privacy? - By: Tino Bruno
    Most Internet users know that protecting their Internet privacy is the most important key to safe browsing. While most users can agree on the subject, they still find it difficult to judge which companies or products are genuinely there to protect them and which are in it for themselves. It is easy for an average surfer to be tricked into thinking that a company is trying to protect them, but instead has ulterior motives.
  • What to Know About ISPs - By: Tino Bruno
    ISPs offer advanced security and data storage features to give users more features than just a gateway to the Internet. While Internet Service Providers try to go above and beyond the bare minimum, potential customers must do their homework before picking an ISP.
  • The Privacy Risks of Social Networking - By: Tino Bruno
    Social networking sites made a distant world become an intimate community. It is easier than ever to rekindle an old friendship or find a friend from work via their MySpace page, but most people fail to see just how many dangers lurk behind a public profile.
  • 3 Reasons Why Corporate Messenger Software is Safer than Free Messenger - By: Nikolai Fokin
    What's the best solution in working environments, free messengers or corporate messenger software? This article argues in favor of corporate messengers, with an emphasis on security aspects.