
It can’t be that bad…

July 26, 2004

So, do you take all of the hype about how vulnerable an unprotected and unpatched Windows system is with a grain of salt?

For a little taste of adventure, drop by the Internet Storm Center, and watch as they follow the bouncing malware—they install a fresh copy of Windows XP Home, along with the Google Toolbar to shut down popups—and take it out for a spin on the sites found in an “average” Google query. They then proceed to break down everything that gets loaded as the machine is infested with spyware and trojans within a handful of clicks.

Of course, one is tempted to point out that this is hardly a surprise, as a Windows XP box without service pack one can be infected just by being connected to the net without a firewall—you don’t even have to go anywhere. 

Unfortunately, once a piece of malware gets on board (for example, through some of the still open holes in IE), it takes only three fairly simple steps for it to uninstall all service packs, and on the next reboot, the machine is just as vulnerable as the example the ISC tested…

Related: Running Windows Securely


