Thursday, October 16, 2008

Security Tip: "Security Software Isn't Sufficient..." - Patch!

I read an interesting article that talks about the not so good strategy of anti-virus companies like Symantec, TrendMicro, and McAfee. These companies don't focus on detecting vulnerabilities in applications and operating systems (the root of the problem) they "are geared toward cranking out signatures for hacker payloads: the worms, Trojan horses and spyware that are identified in the wild, given names and then spotted by adding a new detection "fingerprint" to the software."

Basically these security companies wait for hacker 'A' to write an exploit for Microsoft Office and then they update your virus signatures to fight off that particular hacker and keep you from getting infected when you open an infected word document. But then hacker 'B' comes along and creates a new payload (malicious code) that exploits the same vulnerability, and because it's not yet been fingerprinted by your virus software you get infected!  These companies can't really fix the vulnerabilities, so they shoot for trying to stop known malware by black listing it.

So, just because you have security software does not mean you're safe. Keep your browsers, applications, operating systems, etc., all up to date. That means install the required updates/patches and restart your computer for them to take effect. Most programs have an automatic update feature (sometimes you have to manually click on it), find it and use it.

No comments: