Underrated computing threats you need to know about
Your PC may be protected from all the well-known dangers, but there are some you may not have thought of.
Computerworld - There's the danger you know, and then there's the danger you don't know.
Most of us are rightfully wary of downloading and running programs that have no pedigree, or of performing day-to-day operations as an administrative user. But with each passing year, new security threats march in to eclipse the old — many of them not getting their share of attention until it's too late.
Threats go unappreciated for various reasons. Some seem too obscure or unlikely to be valid until they actually materialize in the wild (such as the .PDF exploits I document later on). Others are overshadowed by more widely publicized problems (e.g., the way Firefox's issues take a backseat to Internet Explorer's).
Here I'll be giving a tour of a number of lesser-advertised security issues that can bite you when you least expect it, and offering some advice on how to defend yourself.
Apart from Microsoft, Adobe may well be the one software maker whose programs run on every Windows-based PC out there. Nearly everyone has Flash, Acrobat Reader and/or Shockwave — and they are used by malware as delivery mechanisms. (Of course, Adobe's applications run on other operating systems as well, but it's the Windows PCs that are being targeted.) The danger comes when you use outdated versions of those programs, or current versions with unpatched bugs that are exploited as security holes.
One common manifestation — one I've been hit with personally a few times now — comes when the user visits a Web site with a Flash-powered banner ad. No clicking required: as soon as the ad comes up, it delivers its payload. Sometimes it also comes in the form of one of Adobe's other products — for example, an infected .PDF document, which opens spontaneously upon visiting an ad. (I've been hit with this one many times, too.)
Keep Adobe products updated and don't run your system as Administrator or root if you can possibly help it — that gives malware possible access to your system settings. (Not running as an admin for day-to-day work in Windows is good advice anyway, and could easily be appended to any of the other threats listed in this article.)
Adobe does have an auto-updater for its products, but its behavior is weirdly spotty; it tends to only report updates for whatever product is currently active. If you run the updater within Acrobat, for instance, you aren't informed about updates to other Adobe products, so a certain amount of manual research is needed to make sure Flash, for instance, is current.
Another possible safety measure: Disable thumbnail previews for Acrobat documents. The thumbnail previews in Explorer generated by Acrobat were part of how one proof-of-concept exploit worked, so turning off that functionality or upgrading to a version known to be safe removes another potential source of attacks.
I would like to say that moderating one's browsing habits or visiting only "known good" sites (via mechanisms like Web of Trust) is a good idea, but I'm not sure anymore. The syndication systems that serve up these types of infected ads now run on all sorts of sites. I've been hit with drive-by malware from sites that I visit regularly and which have good ratings from site-review services, so it's no longer a question of simply keeping away from the Web's poorly-lit side streets.
Some people take additional steps, such as blocking ads entirely by running a plugin like Adblock Plus, or selectively disabling scripting for sites they're dubious about by using the NoScript plugin.
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Mitigating Multiple DDoS Attack Vectors It's time to rethink and refine the enterprise security architecture, so organizations can remain agile and resilient against future threats. Download this infographic...
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Endpoint Security White Papers | Webcasts