Tag Archives: patch

Security Precautions For Your New Christmas PC

imageWe are now officially in the “Holiday Season”, (the “Christmas Season”, to we traditionalists), so along with those visions of sugar plum fairies dancing in your head, you just might have visions of a super hot, quad core beast, that you can rip the wrapping off – after Santa has dropped down your chimney.

So if you’ve been good this year, and Santa does drop off that new screaming machine, no doubt you’ll want to put it through its paces right away. But before you test drive this new machine, there are some fundamental precautions you need to take.

Patch your operating system:

image

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

image

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are three that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I ran with this application for 18 months during a long term test, and I felt very secure.

PC Tools Firewall Plus:

PC Tools Firewall Plus is my Firewall of choice. It installed easily, set up quickly, and did not caused any conflicts on my test machine despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for less experience users.

ZoneAlarm Free Firewall:

ZoneAlarm’s default settings are well thought out, and provide excellent protection for less experience users particularly. Experienced users on the other hand, can tinker to their hearts content, customizing and tweaking the application to meet their specific requirements.

Install anti-virus software:

image

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one – although Immunet Protect will run successfully as a companion application).

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Immunet Free Antivirus:

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions. You’ll find Immunet straightforward to install, and easy to run without complication.

Install Anti-spyware and Adware Software:

image

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

Microsoft Security Essentials, which incorporates antivirus, antispyware and rootkit protection, all under one roof, was released by Microsoft as a free  replacement application for Windows Live OneCare. Microsoft Security Essentials is easy to set up and run, particularly for new users. And, the interface is positively simple offering Quick Scan, Full Scan, or Custom Scan.

Spybot Search and Destroy:

Spybot Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Additional security protection:

image

Web of Trust (WOT):

WOT is a free Internet Browser add-on which tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls. As well, SpywareBlaster can block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Firefox, and other browsers.

WinPatrol:

With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

SpyShelter:

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Note: Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

This list is not exhaustive by any means, but it is a good place to start.

A final note: You may find that your new PC is loaded with preinstalled “trial” software. This is the type of thing that drives users buggy, since trying to figure out how to get rid of trialware is not as easy as it should be. But don’t fret.

Take a look at – Free PC Decrapifier – Bloatware Begone! – a free application designed to specifically uninstall these annoyances

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Advertisements

4 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Don't Get Hacked, downloads, Free Anti-malware Software, Freeware, Malware Protection, Software, Windows Tips and Tools

Not Running Secunia PSI? Why Not?

imageDespite the fact that burglaries are at an all-time high in my neighborhood, and despite the fact that the Police regularly caution residents to lock both windows and doors when not at home, one of my close neighbors always leaves at least one window open while she’s out. I have to say – it just boggles my mind.

Throughout the summer she is out of town every weekend and, you guessed it – she still leaves at least one window wide open. Her behavior, not to put too fine a point on it – is idiotic. If you’ve ever wondered why your home owners insurance policy is more expensive than it needs to be, it’s partially due to lamebrains like my neighbor.

Computer systems running insecure and unpatched applications are analogous to the open window in my neighbor’s house, and are a common gateway used by cyber-criminals to infect unaware users’ machines. Worse, unlike the aftereffects of a home burglary, which are rather self evident, a compromised computer can often remain undetected.

As important as it is, that you secure your computer by implementing a layered security approach, it’s equally as important that you close any “open windows” in your operating system, by keeping your installed applications current and up-to-date. And, Secunia, the leading provider of Vulnerability Intelligence, can help you do just that with its free application – Secunia Personal Software Inspector (PSI).

Since PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application, when available – installing this small free application will assist you in ensuring that your software installations are relatively secure. I say “relatively”, since there is no perfect system.

The following screen captures illustrate, just how easy it is to take that extra step toward a more secure computing experience, using PSI. Click on any graphic to expand to its original size.

During the install process, you will have an opportunity to select “Auto Updates”. I suggest that you take advantage of this feature.

image

Again, during the install process, you will have an opportunity to select “full changes in the tray icon”. If you have selected “Auto Updates”, as per the previous window, you should select this option.

image

The settings menu provides a full range of adjustments so that you can configure the application to more accurately meet your specific needs.

image

The following screen capture illustrates a security scan in progress. The full scan took under two minutes to complete.

image

According to the scan results, my test machine is 12% more secure compared to non-users of PSI in my local area. This is no cause for celebration though, since the test machine is running two insecure applications. One of which, VLC Media Player, has been a recent target of cyber criminals. Ouch!

image

The following screen capture shows the full test results and you can readily see, that both Adobe Flash Player and the previously mentioned VLC, are both insecure. Adobe Flash Player, dramatically so. Double ouch!

image

Additional data on an insecure program can be gathered by double clicking on the program, as shown in the following screen shot.

image

Quick facts:

Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how to resolve it.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

System requirements: Windows 7, Vista SP 1 or later, XP SP 3 (32 & 64 bit).

Watch: How to install and use the Secunia PSI 2.0

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector. In the last 24 hours, fully 19% of applications checked by this online tool, were insecure.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

15 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Application Vulnerabilities, Cloud Computing Applications, Computer Audit Applications, cybercrime, Don't Get Hacked, downloads, Freeware, Recommended Web Sites, Secunia, Software, System Security, Utilities, Windows Tips and Tools

Secunia PSI Updated – Version 2.0 Released

imageSecunia has just released (December 20, 2010), Version 2.0 of their award winning vulnerability and patch scanning free application – Secunia PSI.

As important as it is, that you secure your computer by implementing a layered security approach, it’s equally as important that you keep your installed applications current and up-to-date. Insecure and unpatched applications are a common gateway used by cyber-criminals to infect unaware users’ machines.

Since PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application, when available – installing this small free application will assist you in ensuring that your software installations are relatively secure. I say “relatively”, since there is no perfect system.

The following screen captures illustrate, just how easy it is to take that extra step toward a more secure computing experience, using PSI. Click on any graphic to expand to its original size.

image

Following the initial scan of two Hard Drives – which took only two and a half minutes, PSI found two end-of-life applications, and one insecure application. The insecure application (VLC Media Player 1.1.14), is currently under attack by cyber-criminals. So, that was a good catch.

image

image

Updating VLC Media Player 1.1.14, was a snap – I simply clicked on “Install Solution”. Boom – done!

image

Quick facts:

Secunia PSI is free for private use.

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

Improvements in Version 2.0.

  • Automatic Updates: Functionality for Auto Updates is now implemented as a core feature in the Secunia PSI.
  • New User Interface: A new User Interface has been implemented. The design has been updated to make it simpler and easy to use the Secunia PSI, as well as improving the overall look and feel.
  • Integration with Secunia CSI: The new Secunia PSI features integration with the commercial Secunia CSI. Secunia CSI customers can learn more about this feature with the release of the Secunia CSI 4.1.
  • Improved Presentation of Scan Result: The presentation of scan results have been significantly improved, using techniques that have been tested during the Technology Preview. The Scan Results are grouped according to their installation and patch state, which in turn makes it simpler to identify the programs that actually requires the latest security patches.

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, is quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

System requirements: Windows 7, Vista SP 1 or later, XP SP 3 (32 & 64 bit).

Watch: How to install and use the Secunia PSI 2.0

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector. In the last 24 hours, fully 19% of applications checked by this online tool, were insecure.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

10 Comments

Filed under 64 Bit Software, Anti-Malware Tools, Cloud Computing Applications, Computer Audit Applications, Don't Get Hacked, downloads, Free Security Programs, Freeware, Malware Protection, Security Rating Applications, Software, Utilities, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Planning On A New Christmas Computer? Security Precautions To Consider

imageWe are now officially in the “Holiday Season”, so along with those visions of sugar plum fairies dancing in your head, you just might have visions of a super hot, quad core beast, that you can rip the wrapping off of after Santa has dropped down your chimney.

So if you’ve been good this year, and Santa does drop off that new screaming machine, no doubt you’ll want to put it through its paces right away. But before you test drive this new machine, there are some fundamental precautions you need to take before you connect to the Internet.

Patch your operating system:

image

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

image

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are three that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

Comodo Firewall (last updated November 11, 2010), protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I ran with this application for 18 months during a long term test, and I felt very secure.

PC Tools Firewall Plus 7:

Having tested this application for more than six months I was impressed with its performance. It installed easily, set up quickly, and did not caused any conflicts on my test machine despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for less experience users.

ZoneAlarm Free Firewall 2010:

ZoneAlarm’s default settings are well thought out, and provide excellent protection for less experience users particularly. Experienced users on the other hand, can tinker to their hearts content, customizing and tweaking the application to meet their specific requirements.

Install anti-virus software:

image

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one – although Immunet Protect will run successfully as a companion application).

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Immunet Protect 2:

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions. You’ll find Immunet Protect straightforward to install, and easy to run without complication.

Install Anti-spyware and Adware Software:

image

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

Microsoft Security Essentials, which incorporates antivirus, antispyware and rootkit protection, all under one roof, was released by Microsoft last year as a free  replacement application for Windows Live OneCare. Microsoft Security Essentials is easy to set up and run, particularly for new users. And, the interface is positively simple offering Quick Scan, Full Scan, or Custom Scan.

Spybot Search and Destroy:

Spybot Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Additional security protection:

image

Web of Trust (WOT):

WOT is a free Internet Browser add-on which tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls. As well, SpywareBlaster can block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Firefox, and other browsers.

WinPatrol:

With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

SpyShelter:

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Note: Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

This list is not exhaustive by any means, but it is a good place to start.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

22 Comments

Filed under Anti-Malware Tools, Antivirus Applications, Cloud Computing Applications, Comodo, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Free Anti-malware Software, Free Firewalls, Freeware, Malware Protection, Microsoft, Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

How Secure Are Your Software Applications – Not Very, It Seems

Most of us, I expect, are familiar with the expression – If you fail to plan, then you plan to fail. If you accept the findings of Veracode’s second edition of their State of Software Security Volume 2, which reports unfavorable on the security reliability of more than half of the 2,922 web applications tested, you might  wonder if application developers are familiar with this expression.

This report, coupled with the Qualys Vulnerability Report, which I receive weekly, leaves little doubt in my mind that software developers, by and large, need to focus more intently to ensure their applications are appropriately hardened against security vulnerabilities.

The following partial listing taken from the Qualys Vulnerability Report, from several weeks ago, highlights this lack of focus on this point. Frankly, I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the IT security community. It’s as if, application vulnerabilities are a dirty little secret.

Critical Vulnerabilities – Widely Deployed Software

(1) HIGH: Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability
(2) HIGH: Mozilla Firefox Multiple Vulnerabilities
(3) HIGH: Apple Safari Multiple Security Vulnerabilities
(4) HIGH: Google Chrome Multiple Security Vulnerabilities
(5) HIGH: Apple iOS Multiple Vulnerabilities
******************************************************************
Comprehensive List of Newly Discovered Vulnerabilities from Qualys
–  Third Party Windows Apps
10.37.1  – HP Operation Agent Privilege Escalation and Remote Code Execution Issues
10.37.2  – Tuniac “.pls” File Buffer Overflow issue
10.37.3  – Microsoft Internet Explorer CSS Handling Cross-Domain Information Disclosure
— Mac Os
10.37.4  – Apple Mac OS X Mail Parental Control White List Security Bypass Issue
— Linux
10.37.5  – Linux Kernel “keyctl_session_to_parent()” Null Pointer Dereference Denial of Service
10.37.6  – Linux Kernel “IrDA” Protocol NULL Pointer Dereference Denial of Service Issue
10.37.7  – oping Local Information Disclosure
10.37.8  – Linux Kernel “irda_bind()” Null Pointer Dereference
10.37.9  – Linux Kernel “SIOCGIWSSID” IOCTL Local Information Disclosure Issue 10.37.10 – Linux Kernel “XFS_IOC_FSGETXATTR” Information Disclosure Issue
— Novell
10.37.11 – Novell Netware SSH Remote Buffer Overflow Issue
— Cross Platform
10.37.12 – Blackboard Transact Multiple Insecure Password Handling Information Disclosure Issues
10.37.13 – Zope Unspecified Denial of Service Issue
10.37.14 – httpdx “h_readrequest()” Remote Format String
10.37.15 – Techlogica HTTP Server Remote File Disclosure
10.37.16 – Arno’s IPTABLES Firewall IPv6 Detection Remote Security Bypass
10.37.17 – Hitachi JP1/Desktop Navigation Unexpected Data Denial Of Service Issue
10.37.18 – Google Chrome Multiple Security Vulnerabilities
10.37.19 – LDAPUserFolder Emergency User Arbitrary Password Authentication Bypass Issue 10.37.20 – ffdshow “.avi” File NULL Pointer Dereference Denial Of Service Issue
10.37.21 – Squid Proxy String Processing NULL Pointer Dereference Denial of Service
10.37.22 – VLC Media Player “smb://” URI Handler “.xspf” File Buffer Overflow Issue

Veracode’s State of Software Security Volume 2, reveals what may well be the true state of the software we have come to rely on.

The following are some of the most significant findings:

More than half of all software failed to meet an acceptable level of security and 8 out of 10 web applications failed to comply with the OWASP Top 10.

Cross-site Scripting remains the most prevalent of all vulnerabilities.

Third-party applications were found to have the lowest security quality.

The security quality of applications from Banks, Insurance, and Financial Services industries was not commensurate with their business.

Equally as important – 57% of all applications were found to have unacceptable application security quality. Even more troublesome, more than 80% of internally developed and commercial web applications failed to comply with the OWASP Top 10 which is shown below.

OWASP Top

  1. Injection – Examples of injection flaws are SQL, LDAP, HTTP header injection (cookies, requests), and OS command injections.
  2. Cross Site Scripting (XSS) – Malicious scripts are executed in the victim’s browser allowing the attacker to hijack the user’s session, steal cookies, deface web sites, redirect users to malicious web sites, and remote browser control.
  3. Broken Authentication and Session Management – Flaws used against one account may be replicated against an account with higher privileges.
  4. Insecure Direct Object References – Attack occurs when an authorized user can change a parameter value that refers to a system object that they are not authorized for.
  5. Cross Site Request Forgery (CSRF) –  CSRF attacks can complete any transactions that the victim is permitted to perform such as access data, transfer funds or make purchases.
  6. Security Misconfiguration – Attacker exploits unsecured pages, default accounts, unpatched flaws or any other vulnerability that could have be addressed by proper configuration.
  7. Failure to Restrict URL Access – Links can be obtained from: hidden fields, client-side code, robots.txt, configuration files, static XML files, directory access.
  8. Unvalidated Redirects and Forwards – Unvalidated parameter allows an attacker to choose a destination page where they wish to send a victim to trick them into disclosing private information.
  9. Insecure Cryptographic Storage – The most common reason for this attack is that data that should be encrypted is stored in clear text.
  10. Insufficient Transport Layer Protection – Most commonly, this attack occurs when a site does not use SSL/TLS for pages that require authentication where an attacker can monitor network traffic to steal an authenticated user’s session cookie.

The full report in PDF format is available here.

So how do you ensure that your software installations are relatively secure? Unfortunately, there’s no perfect answer – but you can reduce your overall exposure by installing the free  Secunia Personal Software Inspector, (PSI).

PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

Installing this small free application will definitely assist you in identifying possible security leaks.

image

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7

Download at: Download.com

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

Link: Secunia Online Software Inspector

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

14 Comments

Filed under Windows Tips and Tools

If You Get A Malware Infection Who’s Fault Is It Really?

imageThe security industry, especially security analysts, and for that matter, computer users at large, love to dump on Microsoft when they get a malware infection. If only Microsoft got their act together, the theory goes, and hardened Windows more appropriately, we wouldn’t have to deal with this nonsense.

But, what if it isn’t entirely Microsoft’s fault? What if it’s really a shared responsibility split between Microsoft, third party software developers, and the user?

From time to time, I’m accused of being “too frank”; usually on those occasions when diplomacy needs to put put aside, so that realities can be dealt with. For example, I’ve left myself open to criticism, in some quarters, by stating on more than one occasion –

It has been my experience, that when a malware infection occurs, it’s generally safe to say, the user is, more often than not, responsible for their own misfortune.

Computer users, by and large, are lackadaisical in securing their computers against threats to their Internet safety and security.

Strong statements I’ll admit, but if you consider the following, which I have repeated over and over, you’ll understand why I feel comfortable making this statement.

Not all users make use of Microsoft’s Windows Update so that they are current with operating system critical updates, and security fixes. More to the point, few users have given consideration to the vulnerabilities that exist in third party productivity applications and utilities.

Unless you monitor your system for insecure and unpatched software installations, you have left a huge gap in your defenses – it’s just plain common sense.

The just released Secunia Half Year Report – 2010, shows “an alarming development in 3rd party program vulnerabilities, representing an increasing threat to both users and business, which, however, continues to be greatly ignored”, supports my view that security is a shared responsible, and blaming Microsoft simply ignores the reality.

The report goes on to conclude, “users and businesses still perceive the operating system and Microsoft products to be the primary attack vector, largely ignoring 3rd party programs, and finding the actions to secure these too complex and time-consuming. Ultimately this leads to incomplete patch levels of the 3rd party programs, representing rewarding and effective targets for criminals.”

Key highlights of the Secunia Half Year Report 2010:

Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the more than 29,000 products covered by Secunia Vulnerability Intelligence was observed.

A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on average for 38 percent of all vulnerabilities disclosed per year.

In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the number is expected to almost double again in 2010, to 760.

During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009 has already been reached.

A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24 3rd party programs installed than in the 26 Microsoft programs installed. It is expected that this ratio will increase to 4.4 in 2010.

The full report (PDF), is available here.

Each week, I receive the Qualys Vulnerability Report, and I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the professional IT security community. It’s that scary.

There is a solution to this quandary however – the Secunia Personal Software Inspector (PSI).

PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

image

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

image

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7 32/64bit.

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7 32/64bit.

Link: Secunia Online Software Inspector

As an added bonus for users, Secunia provides a forum where PSI users can discuss patching, product updates, exploits, the PSI, and anything else security-related.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

23 Comments

Filed under Anti-Malware Tools, Cloud Computing Applications, cybercrime, Don't Get Hacked, downloads, Free Security Programs, Freeware, Internet Safety, Reports, Software, Spyware - Adware Protection, System Security, Utilities, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Essential Security Precautions for Your New Christmas PC

image You’ve been pretty good this year, (haven’t you?), so you just might get a new PC for Christmas  But, before you test drive this new machine, there are some fundamental precautions you need to take before you connect to the Internet.

Since you are reading, this I’ll assume that you are aware that there are some fundamental precautions you need to take before you connect to the internet with your new machine. I’m hopeful that you are reading this on your old machine.

Patch your operating system:

image

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

image

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are two that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 18 months, and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

PC Tools Firewall:

I’ve been running with PC Tools Firewall for a few months, first on Win 7 Beta, and now on Windows 7 RC, and in this short time period I have been impressed with its performance. It installed easily, set up quickly, and has not caused any conflicts with my machine despite my sometimes esoteric running requirements.

The default settings are well thought out, and provide excellent protection for less experience users – and despite the hype put out by the IT industry, most computer user can be classified as having limited system experience.

Install anti-virus software:

image

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one)

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Install Anti-spyware and Adware Software:

image

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

I’ve been running Security Essentials as a tester for months on my Win 7 machine, backed up by my usual, on demand, security applications and I’ll state, without any hesitation, I’m impressed. I highly recommend this free application.

Ad-Aware:

Many software reviewers consider Ad-Aware Free as the best free adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is, real-time protection is not included.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Internet Browser Protection:

image

Web of Trust (WOT):

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls.

A secondary but equally important function offered by SpywareBlaster, is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla FireFox, Netscape, Seamonkey, Flock and other browsers.

If you are now on the Internet, and you have not yet taking the precautions as outlined above, you are extremely vulnerable and it is critical that you take the following precautions:

Stop surfing the Web and patch your operating system. Only then download the protective software as noted above, or software that you are familiar with that will do an appropriate job of protecting your computer.

Do not visit any other websites until you have done this.

Additional security precautions:

Establish a password for the administrator account. Only you should have access to the administrator settings on your PC.

Create a new password protected user account. Using this account for your general day-to-day activities adds another layer of protection to your computer. A user account does not have the same all-access permissions as your administrator account, and in many cases this extra layer of protection will restrict malware from gaining a foothold on your PC.

Good luck and safe surfing.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

8 Comments

Filed under Anti-Malware Tools, Antivirus Applications, Cloud Computing Applications, Don't Get Scammed, Don't Get Hacked, downloads, Free Firewalls, Freeware, Internet Safety Tools, New Computer User Software Tools, Software, System Security, Windows 7, Windows Tips and Tools, WOT (Web of Trust)