Last weeks epic FAIL by Mcafee brings the entire Microsoft platform into perspective. It’s all broken:
- Symantec says that it has detected botnet infections on more than 1,100 separate computers spread across multiple subnets within the UK National Health Service (NHS) network
- Criminals are increasingly attempting to conceal malware embedded in hacked websites from search engines such as Yahoo! and Google
- Tom Köhler, Information Security Director at Microsoft Germany, said that, “Users who still have Internet Explorer 6 installed on their systems are taking an unnecessary risk and should urgently update to the free version 8, which offers a significantly higher level of protection.” [ agreed, but IE8 is at risk from other vulnerabilities ]
- McAfee has said that it will offer compensation to home and home office users for losses arising as a result of last week’s flawed signature update [ would any of those affected be happy with Mcafee’s offer of security software that combs through their systems? ]
- Microsoft has withdrawn patch MS10-025 for Media Services under Windows 2000 Server, which was published last week, because it is ineffective
- a third update for Internet Explorer 8’s cross-site scripting (XSS) filter will aim to fix yet another vulnerability, one which actually makes web sites that weren’t vulnerable, vulnerable
- “People can launch attacks without even knowing a line of code, and the infrastructure now exists to pay the attacker per exploit achieved,” said Bradley Anstis, vice president of technology strategy at M86 Security.
These are a small sample of issues from this week.
The Windows ecosystem has been broken since the dawn of time and it facilitates the dissemination of spam, viruses, and spyware that together result in a world of financial and other losses that are too great to tally. 1 in 4 machines with up-to-date Anti-Virus software, can still be hacked. So what use is AV you may ask?
It’s a stop-gap, a temporary shelter through which one hopes one can evade malicious code for a period of time. Hope: not very reassuring in circumstances such as these.
Question: when have you had enough? Time to make a choice …