Does Microsoft Show Hackers How To Attack?

After another security hole recently surfaced in Microsoft's Windows operating system, the software giant released a patch this past Friday to plug the possibly devastating "back door" which allows hackers to potentially seize control of any pc running Windows.

The latest threat, "Download.Ject," infiltrates computers after users surfing with Microsoft's "Internet Explorer" web browser visit websites infected with the virus.

This newest security patch covers Windows XP, 2000, and Windows Server 2003.

Several factors make this latest development more disturbing than past discoveries of security problems with Internet Explorer, currently the most dominant web browser on the market.

First, it demonstrates very clearly that criminals discovered they can use the power of viruses to very profitably steal important bank, personal, and credit data from people on a large scale.

Second, it took Microsoft what many would consider a very long time to come up with a patch for this problem.

Before a fix appeared, Microsoft told everyone who uses Internet Explorer to stick their finger in the dyke by putting their web browser security settings on high, rendering it impossible to view or use features on many websites and web-based services.

Third, expect this to happen again as new holes open in the future when Microsoft makes Windows more complicated, adds layers of code, and generally makes the operating system more complex.

This may sound like business as usual, however, I think this story actually points to a much deeper problem, one for which I'm not sure a simple solution exists.

Though free and reasonably reliable, many people do not automatically update their Windows operating system through the update service on Microsoft's website. (I won't even get into how many people don't operate up-to-date anti-virus protection.)

Whenever Microsoft publishes a security update, especially for a highly publicized and obviously widespread security breach, thousands of people will not immediately download the update.

In fact, tens-of-thousands of users will not download these security updates for days, weeks, even months (if ever).

So let me ask what seems like a very elementary question: By publishing security updates that point out very obvious flaws in their system, doesn't Microsoft also point the way to exactly where the holes exist?

Let me put it another way.

Doesn't this rate the same as discovering that the local bank vault won't lock and then announcing the details on the front page of the paper along with the dates and times no bank guard will be on duty?

After all, if tens-of-thousands of users won't immediately get the Microsoft Security Patch, don't those patches show hackers exactly which holes get plugged (and which, logically, must already be open without the patch)?

It doesn't take a hacker with more than a basic set of skills to recognize where and what holes got fixed and then reverse-engineer how they can get into computers that don't get updated.

Now, do I have a concrete, 100% bullet-proof answer to this problem? Unfortunately, I don't have more than a common- sense answer...

At this point, your best defense rates staying current on the latest threats and how to defend against them.

Keep your anti-virus software current, your firewall up, and your Windows software updated with the latest security patches.

Though not a perfect solution, at least you'll have a fighting chance to prevent, or at least minimize, any possible threats.

For more information from Microsoft's website, go here http://www.ebookfire.com/download-ject.html

About The Author

Jim Edwards is a syndicated newspaper columnist and the co-author of an amazing new ebook that will teach you how to use fr^e articles to quickly drive thousands of targeted visitors to your website or affiliate links... http://www.TurnWordsIntoTraffic.com

© Jim Edwards - All Rights reserved

http://www.thenetreporter.com

Related News

Tech Weekly: Windows 7 and location based services - guardian.co.uk Tech Weekly: Windows 7 and location based services guardian.co.uk, UK -13 hours ago Is the trend towards personalisation encroaching on our personal privacy, or will it break down the boundaries, and make the web work for us all? ... Personal Tech: ABCs of online security - Salt Lake Tribune Personal Tech: ABCs of online security Salt Lake Tribune, United States -Aug 12, 2008 Boulder, Colorado - More than 18 million college students will head back to school this fall and nearly every one of them owns a personal computer. ... Tech Mahindra’s future, sans BT - Livemint Tech Mahindra’s future, sans BT Livemint, India -3 hours ago Here are some figures: on 23 June 2006, personal loans constituted 27.33% of total non-food credit outstanding, while credit to the infrastructure sector ... N-Power announces Tech Pragati scholarships - Economic Times N-Power announces Tech Pragati scholarships Economic Times, India -7 hours ago Scholarships upto 50% of the course fees will be awarded to meritorious students on the basis of their performance in an aptitude test and a personal... Personal Tech: iPhone just got smarter - Salt Lake Tribune Personal Tech: iPhone just got smarter Salt Lake Tribune, United States -Aug 19, 2008 By Vince Horiuchi "Crash Kart,"a Mario Kart-like driving game, is shown running on Apple's new iPhone 3G. With all the hoopla over the iPhone 3G and its new ... Here, there, everywhere . . . where am I? - Atlanta Journal Constitution Here, there, everywhere . . . where am I? Atlanta Journal Constitution,  USA -8 hours ago My thoughts are increasingly disjointed as I wind down my final few days covering Tech as there are a lot of loose ends to tie up professionally, etc., ... TECH BLOG One Less Windows User - LinuxInsider.com TECH BLOG One Less Windows User LinuxInsider.com, CA -12 hours ago By Jason Z. Cohen After nearly five years, I needed to update my personal computer. My old Dell Inspiron has long since been rendered quaint by advances in ... McCain Outlines Technology Policy - Broadcasting & Cable McCain Outlines Technology Policy Broadcasting & Cable, NY -8 hours ago The tech policy section of the site also suggests McCain will favor personal responsibility and technological fixes for controlling content. ... Security With Advanced Technology and PepperBall Technologies ... - CNNMoney.com Security With Advanced Technology and PepperBall Technologies ... CNNMoney.com -Aug 26, 2008 Security With Advanced Technology, Inc. is a provider of high-tech security products and services, which include non-lethal personal protection devices, ... Jews aim to use tech tactics to counter anti-Obama 'rumor mill' - Ha'aretz Jews aim to use tech tactics to counter anti-Obama 'rumor mill' Ha'aretz, Israel -Aug 26, 2008 "It's micro-targeting, it works through your personal network ? the activists are just getting tools to do it effectively". "Technically, it's pretty simple ... Jewish Obama backers to fight rumorsPolitico all 22 news articles