Tuesday, May 03, 2005

Latest Computer RIsks Identified
Are your institution's computers protected against the latest critical vulnerabilities? How about your home PCs?

The list of potential threats continues to grow. Today, the Sans Institute released its revised and updated list of the Top 20 Most Critical Internet Vulnerabilities for the first quarter of 2005. Every IT manager, every computer owner should study the list and ensure that appropriate patches and other remedies have been applied.

For the summary list of vulnerabilities go this page and scroll down. Full details are found here.

The software and operating systems listed are in widespread use. They even include RealPlayer and iTunes. Is nothing safe anymore??

This is the time to dig in to the reguoatory guidance on patching. It's a regulatory issue, a safety and soundness issue. Your ability to continue conducting business smoothly can be jeopardized. Your reputation can be harmed. Data compromises could occur, depending on the vulnerability. Go forth and patch!

Virus City
I've lost hours of productivity over the last week as I've dealt with countless alerts telling me my anti-virus software has detected one virus after another in emails that are being generated, sometimes with spoofed addresses, by the latest batch of mass mailing worms.

According to ZDNet, the latest variant of the Sober worm is spreading so rapidly that it now makes up two-thirds of virus traffic on the Internet. It is propagating with astonishing speed and penetration. Read about it. Many of the alerts I've been getting, however, are instead about one of the W32 Netsky worms.

Time to check your virus software configuration, subscription status, scan schedule, and live update frequency and remind your employees about basic safety precautions. After all, there's often a lag time between when a new virus is let loose in the wild and when it's discovered and added to virus definitions. That leaves a time period when you're left unexposed and the basis rule of not opening attachments you don't expect is crucial. It's best to not even open the emails at all -- much less the attachments you don't expect, because some variants of some threats can now do harm without the attachment being clicked. If you've ever been on the receiving end of a true infection by malware, you know that once is one time far too many. There's no substitute for proactive preventive measures.

(0) comments <$BlogCommentDeleteIcon$>
Post a Comment

This page is powered by Blogger. Isn't yours?