It can’t be that bad…
July 26, 2004
So, do you take all of the hype about how vulnerable an unprotected and unpatched Windows system is with a grain of salt?
For a little taste of adventure, drop by the Internet Storm Center, and watch as they follow the bouncing malware—they install a fresh copy of Windows XP Home, along with the Google Toolbar to shut down popups—and take it out for a spin on the sites found in an “average” Google query. They then procede to break down what all gets loaded as the machine is infested with spyware and trojans within a handful of clicks.
Of course, one is tempted to point out that this is hardly a surprise, as a Windows XP box without service pack one can be infected just by being connected to the net without a firewall—you don’t even have to go anywhere.
Unfortunately, once a piece of malware gets on board (for example, through some of the still open holes in IE), it only takes it three fairly simple steps to uninstall all service packs, and on the next reboot, the machine is just as vulnerable as the example the ISC tested…
Related: Running Windows Securely