Wednesday, January 16, 2008

Windows Needs a Package Manager

SECURITY UPDATE
A Penton Media Property
January 16, 2008


IN FOCUS

--Windows Needs a Package Manager
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
It's probably safe to assume that most computers are running some sort
of insecure application. That's not always the fault of the
administrator (in a business) or the end user (at home). After all, if
an existing vulnerability hasn't been discovered or made public yet,
then we certainly can't work to mitigate the problem. On the other
hand, if administrators and end users of PCs aren't checking for known
vulnerabilities and the availability of updated versions of their
software, then responsibility for related insecurities resides firmly
with them.

According to data gathered by Secunia (available at the URL below),
approximately 95 percent of all computers have one or more insecure
applications installed such that remedies to those insecurities exist
but have not been integrated. The bottom line is that most people are
not patching or upgrading their software when security updates become
available.
secunia.com/blog/18/ (http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96846-0-0-0-1-2-207)

Secunia gathered the data using its free Personal Software Inspector
(PSI) tool, which is available for Windows 2000, Windows XP, Windows
Server 2003, and Windows Vista. The company said that the data is based
on information collected from 20,009 new users of PSI during the first
week of January. Secunia didn't indicate whether those users were
scanning their private computers or computers on a business network,
nor does Secunia ask for such info before allowing people to download
PSI. However, it's obvious that people who use PSI are concerned about
security. So Secunia's data is even more interesting, because it's
quite likely that people who aren't concerned about security have
even more insecure applications on their systems.

One complicating factor with software updates is quite simply
awareness. If people don't know an application has an update, they
can't choose to install it. As you know, the applications that don't
offer some sort of automated update notice outnumber the applications
that do offer notice. How many people routinely surf the 'net looking
for updates to all of their applications? I suspect the answer is not
many. So the use of a third-party patching tool is vital, especially
for home users who make up the majority of computer users. That raises
another problem: How will people find out about such tools?

In thinking about all this, it occurred to me that since Windows runs
on most computers, Microsoft is in a position to take its security
efforts
a gigantic leap forward by either co-marketing a tool such as Secunia
PSI or developing some sort of update alert API that third-party
application developers can hook into. So, for example, when someone
installs a new application, that application can use the hook to alert
people about software updates and provide information about how to
obtain and install the updates. Of course, this sort of functionality
could be created by any third party, but Microsoft is in the best
position to quickly distribute it far and wide.

You may know that this sort of functionality has long since been
available in the open source community. If you're familiar with Linux,
you know that most flavors have a package manager, which is basically a
front end for a giant repository of data about countless third-party
applications that are all packaged for easy installation. Individual
developers maintain each particular package in a decentralized fashion,
so updates to any particular package can become available at any time.

To ensure that a Linux system stays as up to date as possible, a user
needs to do two simple things: Only install new applications by using
the package manager (e.g., don't use independent software installers
unless absolutely necessary), and periodically run the package
manager's update routine to update all installed software. That's it.
A couple of mouse clicks or commands (if you prefer the command line)
bring you a complete system update across all applications regardless
of who developed the applications. Could it be any simpler than that?
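
The core of the update routine described above, as an added example
that is not part of the original newsletter: installed versions are
compared against a repository index, and anything installed outside
the package manager is reported separately because the routine cannot
cover it. The package names, versions, function names, and the simple
dotted-number version scheme are all assumptions made for illustration.

```python
# Added illustration: the "update routine" of a package manager, reduced
# to its core comparison. All names and versions below are constructed.
import re


def version_key(version):
    """Split a dotted version into integers so that 1.10 sorts after 1.9.

    A plain string comparison would rank "1.9" above "1.10" and hide a
    pending update. Assumes purely numeric, dot-separated versions.
    """
    return tuple(int(part) for part in re.findall(r"\d+", version))


def pending_updates(installed, repo_index):
    """Compare installed packages with the repository index.

    Returns (outdated, untracked): outdated is a list of
    (name, installed_version, available_version); untracked lists the
    packages the repository knows nothing about.
    """
    outdated, untracked = [], []
    for name, have in sorted(installed.items()):
        latest = repo_index.get(name)
        if latest is None:
            # Installed with an independent installer: no update data.
            untracked.append(name)
        elif version_key(latest) > version_key(have):
            outdated.append((name, have, latest))
    return outdated, untracked


# Constructed sample inventory and repository metadata (hypothetical).
INSTALLED = {"mediaplayer": "1.9", "pdfviewer": "8.1.1",
             "archiver": "4.57", "vendortool": "2.0"}
REPO_INDEX = {"mediaplayer": "1.10", "pdfviewer": "8.1.1",
              "archiver": "4.57.1"}

if __name__ == "__main__":
    outdated, untracked = pending_updates(INSTALLED, REPO_INDEX)
    for name, have, latest in outdated:
        print(f"{name}: {have} -> {latest}")
    for name in untracked:
        print(f"{name}: not in repository, check for updates by hand")
```
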

Unfortunately, Windows itself has nothing close to that type of
functionality. Granted, Microsoft Systems Management Server (SMS) has
an "Inventory Tool for Custom Updates" feature that can help update
third-party software. But as far as I know, there's no such tool from
Microsoft for people who can't justify using SMS, such as many small
businesses and home users, who probably make up the vast majority of
Windows users around the world.

I'm sure nearly all of you would agree that such a facility would be a
fantastic addition to Windows desktops. In fact, I can see how such a
facility would be one of the biggest security improvements Microsoft
could ever help to bring to fruition.



SECURITY NEWS AND FEATURES

--New Rootkit Hides in the Master Boot Record
A new rootkit, based on code released in 2005, is making its way onto
Windows XP systems. The rootkit hides in the master boot record, so
after it's installed, it becomes more difficult to detect and remove.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96849-0-0-0-1-2-207

--Trustwave Adds Credential Management to Its Portfolio
In one of the first security-company acquisitions of the year,
Trustwave announced that it purchased Creduware, maker of credential
management solutions.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96850-0-0-0-1-2-207

--Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities.
You can also find information about these discoveries at
www.windowsitpro.com/departments/departmentid/752/752.html
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96851-0-0-0-1-2-207)


GIVE AND TAKE

--SECURITY MATTERS BLOG: GMER--a Free Rootkit Detector
by Mark Joseph Edwards
Can you ever have enough security tools? Here's one you might have
overlooked: GMER, a free rootkit detector and removal tool.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96853-0-0-0-1-2-207

--FAQ: Locking Down PCs' Portable-Media Drives
by Randy Franklin Smith
Q: How can I prevent write access to portable media devices?

Find the answer at

www.jsifaq.com/SF/Tips/Tip.aspx?id=11357
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96854-0-0-0-1-2-207)

--FROM THE FORUM: Installing Antivirus on a Flash Drive
A forum participant wants to install antivirus software on a USB flash
drive but doesn't know how to partition the flash drive and do the
installation. Can you help solve this problem? Lend a hand at
forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=88742&enterthread=y
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96855-0-0-0-1-2-207)

--SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions
in Security Pro VIP's Reader to Reader column. Email your contributions
to r2r@securityprovip.com (mailto:r2r@securityprovip.com). If we print
your submission, you'll get $100. We edit submissions for style,
grammar, and length.


PRODUCTS

--Security Solution Combines Professional and Managed Services
by Renee Munshi
Incentra Solutions introduces GridManage Security, a security program
for midtier enterprises that combines professional and managed
services. The GridManage Security program begins with a vulnerability
assessment and a plan to address and remediate any vulnerabilities. The
GridManage Security portal gives administrators one dashboard for
monitoring security devices and programs such as firewalls, VPNs,
intrusion detection and prevention services (IDS/IPS), Web browsing and
email antivirus, and email spam and Web content filtering services.
GridManage Security also provides monthly reviews and quarterly
reports. Incentra developed GridManage Security in partnership with
Perimeter eSecurity.
For more information, go to
www.incentrasolutions.com/ (http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96856-0-0-0-1-2-207)


RESOURCES AND EVENTS

Create an Environment for Sustaining Compliance. Compliance is not a
single, point-in-time objective--mandates, systems, and businesses
change and evolve. This free Essential Guide discusses solutions that
can reduce your costs while improving compliance and realizing business
value from compliance efforts. Find a solution that improves your
security posture, ensures that you're complying with multiple mandates,
and generates reports that demonstrate that compliance.
www.windowsitpro.com/go/eg/shavlik/compliance/?code=1908er
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96857-0-0-0-1-2-207)

Explore SAN copy and replication methodologies, in conjunction with
backup and restore, delivering more efficient operations and
dramatically improving overall business continuity. View this Web
seminar to learn about current commonly used backup/restore
methodologies, SAN copies and replication methodologies, requirements
for enabling different solution designs, and inherent strengths and
weaknesses of various solution designs.
www.windowsitpro.com/go/seminars/equallogic/backup/restore/?partnerref=1908er
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96858-0-0-0-1-2-207)

So You Think You're Compliant...
According to Gartner, 30 percent of enterprises will experience at
least one audit per year. There's no way for you to be entirely sure
that your organization is in compliance with software regulations. Join
this Web
seminar to learn all about a new solution that can help you avoid
audits, control licenses, maximize key user productivity, and more.
www.windowsitpro.com/go/seminars/macrovision/softwareregulations/?partnerref=1908er
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96859-0-0-0-1-2-207)


FEATURED WHITE PAPER

Don't miss this hot new white paper on SharePoint security. "Securing
Your Valuable SharePoint Data" focuses on solutions to backup and
recovery challenges in Microsoft Office SharePoint Server 2007, such as
the recycle bin's lack of a hierarchical view, preview functionality,
and ability to restore individual items from deleted containers and the
fact that the backup and recovery tool is Web-based and provides no
native scheduling functionality. Download this white paper to get help
extending your organization's backup and recovery capabilities.
www.windowsitpro.com/go/wp/quest/spdata/?code=1908e&r
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96860-0-0-0-1-2-207)


ANNOUNCEMENTS

Exchange 2007 Mastery Series: January 28, 2008
LAST CHANCE TO REGISTER!
Get three info-packed eLearning seminars hosted by Windows IT Pro for
only $99!
Mark Arnold--MCSE+M and Microsoft MVP--will coach you through
Exchange 2007 storage solutions: planning for archiving and compliance,
optimizing your iSCSI network storage, and finding the sweet spot
between memory and spindles.
www.windowsitpro.com/go/elearning/masteringexchange2007
(http://ct.email.windowsitpro.com/rd/cts?d=33-1391-803-202-62923-96861-0-0-0-1-2-207)

Copyright 2008, Penton Media, Inc. All rights reserved.
