On June 13th, Microsoft released twelve new security updates for its Windows Operating system. Eight of the twelve updates are identified as Critical. It is important for user's of Microsoft software to constantly keep their system updated with the security updates in order to protect themselves from viruses and other exploits.
Many pundits and computer hackers argue that Microsoft products are the target of so many viruses because the software is poorly designed. Other people dismiss that argument and suggest that the reason is more likely related to the fact that Microsoft products are so widely deployed throughout the world. According to the Southern Maryland Online administrator, more than 97% of recent somd.com readers were using a Microsoft Operating system. 0.8% were Macintosh users and 0.2% were using Linux. The remainder were using various other operating systemsprimarily a Unix-derivation.
Many early worms and viruses were designed to be a nuisance or to cause destruction on the infected computer. However, the viruses and worms that are being deployed today are often done so in pursuit of criminal activities. Information theft is a major concern. An infected computer might transmit all of the contacts in an address book to a spammer who adds those names to his database so they can be used or sold. A key-logger might also be installed that captures account information such as usernames and passwords for on-line commerce and banking sites.
Another common scheme involves turning an infected PC into a drone that sits by waiting for commands from the criminal's control server. Unbeknownst to the PCs owner, the infected computer can be commanded to send out SPAM email or launch a Denial of Service (DoS) against another victim on the Internet. Using compromised computers as SPAM drones makes a lot of sense for spammers. This method of doing business means that the spammers don't have to continually rent servers from which to send their SPAM. As soon as they get shut down because of complaints to the ISP, the spammer has to move on to another server. By infecting countless thousands of computers located through the world, the spammer has at his disposal an army of drones from which to send his email. There is no cost to him and if the machine gets booted off the Internet for a Terms of Service (ToS) violation, the spammer suffers no personal expense or inconvenience.
A Denial of Service (DoS) attack involves commanding drone computers to send a continuous stream of data to one or more websites. When this data is combined with data being sent from countless other drones, the net effect is to overload the victim website and take it off-line. A DoS attach might be launched as retaliation or as a method of extortionpay up or we'll put you out of business.
Windows XP users who have enabled Automatic Updates in their Control Panel should have received the new updates by now. Other Windows users can check to see if they need the updates by going to http://windowsupdate.microsoft.com/. Windows users are also advised to install and enable firewall software, anti-virus software and anti-spyware software.
Windows XP comes with free firewall software pre-installed. Unfortunately, Windows does not currently come with either anti-virus or anti-spyware software. You can find more information on available products at the following pages:
http://somd.com/mp/computers/firewall/
http://somd.com/mp/computers/antivirus/
The list of security updates that were recently released by Microsoft are listed below:
MS06-011 - is a re-release, addresses a vulnerability in Microsoft Windows XP and Windows 2003 only, and has a maximum severity rating of important
MS06-021 - addresses several newly discovered vulnerabilities in Internet Explorer and has a maximum severity rating of critical
MS06-022 - addresses a newly discovered vulnerability in Internet Explorer and has a maximum severity rating of critical
MS06-023 - addresses a newly discovered vulnerability in Microsoft Windows and has a maximum severity rating of critical
MS06-024 - addresses a newly discovered vulnerability in Windows Media Player and has a maximum severity rating of
critical
MS06-025 - addresses two newly discovered vulnerabilities in Microsoft Windows and has a maximum severity rating of
critical
MS06-026 - addresses a newly discovered vulnerability in Microsoft Windows and has a maximum severity rating of critical
MS06-027 - addresses a newly discovered vulnerability in Microsoft Word and has a maximum severity rating of critical
MS06-028 - addresses a newly discovered vulnerability in Microsoft PowerPoint and has a maximum severity rating of critical
MS06-030 - addresses two newly discovered vulnerabilities in Microsoft Windows and has a maximum severity rating of important
MS06-031 - addresses a newly discovered vulnerability in Microsoft Windows 2000 SP4 only and has a maximum severity rating of moderate
MS06-032 - addresses a newly discovered vulnerability in Microsoft Windows and has a maximum severity rating of important