
Microsoft Windows and Computer Security Spotlight


Recent newsmaker stories regarding Microsoft Windows security highlighted the recurring theme that there are "care and feeding" issues related to using computers in the dynamic, connected world of the Internet. Just days ago this month, home PC users, businesses, and mobile laptop users were affected. In this case, the issue was an animated cursor (typically an ".ANI" file) exploit, which abused a Windows feature.

The impact potential was high; if attacked, most recent versions of Windows (2000, XP, 2003, Vista) permitted the bug to trigger "Remote Code Installation and Execution" without the user's knowledge. Under the right conditions, simply viewing a baited web page could set in motion the steps to infect the host PC with progressively more damaging malicious software (malware). The malware could take many forms and operate stealthily, with users unable to detect anything unusual, which makes this particular infection damaging to Internet-connected PCs. At worst, your PC could automatically join a network of remotely controlled "zombie" computers, ready to perform additional malicious tasks against the connected world under remote direction. PCs left powered on and unattended for long periods, or in "screen saver" mode, could do lots of downstream damage, switching to a more subdued, "light-impact" mode when the unsuspecting user returned to the PC.

This particular exploit was notable in that a variant was apparently identified and patched in 2005, with a second form of the exploit surfacing in December 2006. Further, the typical practice of using firewalls, anti-spyware, and anti-virus applications would not have prevented infection, leaving many users with a false sense of security. Reportedly, the exploit could occur whether you browsed the web with Firefox or with any browser other than Internet Explorer 7 under Windows Vista in protected mode (though Vista was not totally immune).

The good news: Microsoft has released several patch updates on the Windows Update website to correct this condition. This real-life technology drama may prompt a thought about your own situation: is now a good time to review my own procedure for ensuring a secure and sound computing environment in my company? It could be; Array Systems suggests the following basic operational components be included in a security review:

Anti-Virus.

Make sure you have recent versions and current definition (signature) updates. There are license fees/renewals with most products, which should be maintained or checked.

Anti-Spyware.

Similar to Anti-Virus in function: ensure updates and versions are current for this tool to be effective. This can be part of a suite of defense products, all with the intent of providing added protection.

Microsoft Update.

A free Microsoft web service that provides direct and concise access to software updates for Microsoft products (Windows, Office, etc.). You can set manual or automated updates, but you should understand the ramifications of each method.

Firewall.

Hardware firewall devices are preferred, as some software based firewall/Internet security products can be ineffective for certain environments.

Gateway/Content Filter.

Hardware and software based devices which can provide active protection between internal users and the Internet, and also manage wireless, PDA/mobile users, remote access, etc.

In addition, there are behavioral (human factors) components that should be part of the security review, which do not involve hardware or software. For example, antivirus experts have noted that perhaps 35-40% of virus definition/signatures are unavailable on average, due to delays in developing remedies or in detecting new malware exploits. Therefore, the habits and interaction patterns of users become a vital part of a security protection strategy, which might include:

Email.

Don't open attachments, or click on hyperlinks unless you are sure of the content. This is similar for web links embedded in email messages, and is independent of whether full-client applications or web-based browsers are used. Consider when to use email, or revise company policy to standardize its use.

Web browsing.

Stay away from unknown websites. Websites are now the most common source of PC infection. (Even the official NFL Super Bowl website was recently infected.) Spear phishing is particularly harmful in that it targets truly authentic-looking, legitimate websites, using well-written grammar and customer data, to lure the user viewing the website into infection.

Passwords.

Maintain established complexity and change frequencies suitable for your environment. Like keys to locks, passwords are the primary mechanisms for controlling access to networked computers.

Remote access.

Consider the method and management of outside access to company infrastructure. Who is permitted, how, and using what devices may be a part of the design.

Data management.

Similar to remote access, consider the data involved. Allow only authenticated access to critical information, and actively manage where and how information is used if on portable devices or outside systems. Is internal business data stored permanently on portable devices? Are portable devices/laptops protected?

Security issues related to Windows fall under many names (beyond malware), which correspond to hardware, software, network and user components too numerous (and specialized) to adequately address in this article. Terms such as IDS (intrusion detection), port attacks, phishing/spear phishing, rootkits, social engineering, spam, spyware, Trojans, viruses, etc. are but a brief sample of the keywords found in popular web searches. Each has deeper meaning and implications that could fill entire articles. Awareness, understanding, acceptance, and change are the first steps toward action in the highly interconnected world of present-day secured computing. The fluid, interactive nature of the Internet will require a progressive response to maintain a trouble-free web experience.





Sid Kato is the president of Array Systems Inc. and author of the Daily Breeze "computer-wise" column. Array Systems is an IT Outsourcing and Computer Network Support company that aims to help small businesses throughout the greater Los Angeles area with all of their technology demands. In business for over 16 years, Sid knows where the pitfalls are.




A Guide to Understanding and Implementing Microsoft Windows Security


Today, information security is the most important thing to take care of while using the Internet.

The Internet is a source of knowledge, learning and entertainment, but it can also be misused for malicious and destructive purposes.

So what do I mean by "Securing Windows"?

Because Windows is the most widely used operating system, its users are vulnerable to data theft, identity theft and cracking. By taking some precautions and following a few good practices, you can secure your Windows computer easily and effectively.

Security is a big field in the world of computers, and there are huge corporations that specialize only in security. This article covers the kind of security you can use for your home computer; it is not meant for large corporate setups, which have a much larger perspective.

To begin with, let me summarize the points that I am going to cover in this article:

Understanding Windows processes that run in the background.
Antivirus software, and sources of viruses
Firewall
Security tips and tricks

Understanding Windows Processes

Every piece of software or application we install on our computer runs as a "process". This is how the computer keeps track of running software, closes it, or even modifies it in some cases.

So where can you see them?

You can see the processes by following these steps:

Right-click the taskbar and select "Task Manager".
Select the "Processes" tab.

Alternatively, you can open Task Manager by pressing CTRL+SHIFT+ESC.

Once you get there, you can see all the processes that are currently running on your computer. This gives you a detailed overview of what exactly is going on in your computer. You can see which processes are running and how much of your system memory they are using.

Here is a list of common Windows system processes that can be found there:

Ctfmon.exe

This is involved with the language/alternative input services in MS-Office. Ctfmon.exe will continue to put itself back into the system startup when you run the MS-Office apps as long as the Text Services and Speech applets in the Control Panel are enabled.

Explorer.exe

This is the Windows Shell: the desktop, taskbar and icons. Almost everything that you see in Windows is controlled by this process.

Svchost.exe

Svchost.exe (Generic Host Process for Win32 Services) is an integral part of the Windows OS. It cannot be stopped or restarted manually. This process manages system services that run from dynamic link libraries (files with the extension .dll). Examples of such system services are: "Automatic Updates", "Windows Firewall", "Plug and Play", "Fax Service", "Windows Themes" and many more.

Winlogon.exe

This controls the authentication of Windows users. It is one of the most important system processes.

Rundll32.exe

This program is part of Windows, and is used to run program code in DLL files as if it were within the actual program. DLL files are a part of Windows programming.

Csrss.exe

This is the user-mode portion of the Win32 subsystem; Win32k.sys is the kernel-mode portion. Csrss stands for Client/Server Run-Time Subsystem, and is an essential subsystem that must be running at all times.

When looking at the processes, you can also see the memory they are consuming. Using the Task Manager process list, you can also close a non-responsive program.

From a security standpoint, any virus or spyware will show up in this list, so this is a very important tool to use when you suspect that a virus or spyware is installed on your computer.

Sometimes you can tell directly whether a process is a virus: when you click on it, it will 'slip' out from under your mouse pointer and change its position. These are advanced viruses designed to evade manual removal.
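
One way to act on the process list above is to check that each system process name the article lists is running from its usual folder, since a same-named copy running from anywhere else deserves a closer look. This PowerShell function is an added example, not part of the original article; the expected folders assume a default Windows install, and `Test-SystemProcessPath` and the sample records are made up for illustration.

```powershell
# Added example. Expected locations assume a default Windows install and are
# relative to %SystemRoot%; SysWOW64 holds the 32-bit copies on 64-bit Windows.
$ExpectedPath = @{
    'ctfmon.exe'   = @('System32\ctfmon.exe',   'SysWOW64\ctfmon.exe')
    'explorer.exe' = @('explorer.exe',          'SysWOW64\explorer.exe')
    'svchost.exe'  = @('System32\svchost.exe',  'SysWOW64\svchost.exe')
    'winlogon.exe' = @('System32\winlogon.exe')
    'rundll32.exe' = @('System32\rundll32.exe', 'SysWOW64\rundll32.exe')
    'csrss.exe'    = @('System32\csrss.exe')
}

function Test-SystemProcessPath {
    param(
        [Parameter(Mandatory)] [object[]] $Process,
        [string] $SystemRoot = $env:SystemRoot
    )
    foreach ($p in $Process) {
        $name = [string]$p.Name
        # Only the process names listed in the article are checked.
        if (-not $ExpectedPath.ContainsKey($name)) { continue }

        $allowed = $ExpectedPath[$name] | ForEach-Object { "$SystemRoot\$_" }
        if ([string]::IsNullOrEmpty($p.ExecutablePath)) {
            # Protected processes hide their path from non-elevated sessions.
            $verdict = 'UNKNOWN (path not readable; rerun elevated)'
        } elseif ($allowed -contains $p.ExecutablePath) {
            $verdict = 'OK'                      # -contains ignores case
        } else {
            $verdict = 'SUSPICIOUS (system name, unexpected location)'
        }
        [pscustomobject]@{
            Name = $name; ProcessId = $p.ProcessId
            ExecutablePath = $p.ExecutablePath; Verdict = $verdict
        }
    }
}

# Constructed sample records (not captured from a real machine).
$sample = @(
    [pscustomobject]@{ Name = 'svchost.exe'; ProcessId = 904;  ExecutablePath = 'C:\Windows\System32\svchost.exe' }
    [pscustomobject]@{ Name = 'svchost.exe'; ProcessId = 4312; ExecutablePath = 'C:\Users\Public\svchost.exe' }
    [pscustomobject]@{ Name = 'csrss.exe';   ProcessId = 612;  ExecutablePath = $null }
    [pscustomobject]@{ Name = 'notepad.exe'; ProcessId = 7020; ExecutablePath = 'C:\Windows\System32\notepad.exe' }
)
Test-SystemProcessPath -Process $sample -SystemRoot 'C:\Windows' | Format-Table -AutoSize

# On a live system, feed it the real process list instead:
# Test-SystemProcessPath -Process (Get-CimInstance Win32_Process)
```

On the sample, the first svchost.exe is reported OK, the copy under C:\Users\Public is flagged, csrss.exe is UNKNOWN because its path is empty, and notepad.exe is skipped.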

Antivirus Software

Antivirus software is one of the first things that you must install after getting a new system, or after you have re-installed your operating system.

Choosing the right antivirus software is very important, and the choice depends very much on how fast your computer is. An antivirus constantly scans your system's active processes and stays vigilant so as to prevent any threats. With thousands of viruses released every day, here are some things to note:

Prevention is better than cure, right?

Antivirus software priority: it should be the first thing you install after getting a computer.

Never opt for a 'trial version'; either purchase a full version or use the free version with fewer features. The problem with a trial version is that once it has expired, it will stop protecting your system and trouble you with constant security alerts, which means your computer is at risk while you are battling those alerts.

Always keep your antivirus software updated. Most antivirus software updates automatically; if for some reason it cannot, update it manually.

So why does it need to be updated?

Companies that make this software release new virus signatures or 'patterns' every week, and in some cases even daily. The antivirus on your computer must learn about those new threats, so it downloads the new patterns from the server, ensuring that you are protected from the latest viruses.

Virus Sources

There is no single source of viruses; they can come from just anywhere. However, here are some things you should be aware of:

EXE files - EXE files are executable files that Windows uses to start any program or application.

EXE files can contain viruses, or even spyware designed to track your system. Always scan a file before opening it.

Websites - Never accept a link from anyone you don't know. There are websites on the Internet specially designed to compromise your computer; they may take the form of an Internet chat, a forum, a game, or even music.

USB flash drives - We all share data, and use USB flash drives to carry our data with us. If you use your drive on an infected system, it will catch that virus and begin infecting every computer you insert it in. Always scan a USB flash drive before opening it.

Firewall

So what is a firewall?

In simple terms, it is an application designed to control and analyze the network traffic coming in and out of your computer.

It is like a pet dog that allows only certain people into your house while keeping out unauthorized people or intruders, alerting you on various occasions.

So why is a firewall important?

Everything that is in your computer needs to be protected: your personal documents, photos, financial information, even your passwords. When your computer is connected to the Internet, your data is susceptible to theft. Major corporations spend millions of dollars just on firewalls. According to a recent news report, Sony's PlayStation was hacked, and a lot of data was leaked. This cost the company millions of dollars.

Taking a little care over your computer security, and stepping it up, can be very beneficial.

Does Windows have an in-built firewall?

For starters, newer versions of Windows such as Windows 7 have an amazing built-in firewall, known as Windows Firewall. It allows granular control over your system's networking, even letting you define rules for applications that are installed on your computer.

Windows Firewall also has different profiles such as 'home network' and 'public network'. This allows easy one-click configuration, in which you change the settings depending on the location you are in.

When you're connected to a public network, such as a library's or coffee shop's wireless network, you may want to block all incoming connections, and you can select the public network profile.

At home or work, where you may be sharing files over the network, you can easily switch to the home network profile.

You can access Windows Firewall by clicking the Start button, clicking Control Panel, clicking Security, and then clicking Windows Firewall.

Make sure that your firewall is set to 'ON'.

Advanced users can even install a free third-party firewall such as "Comodo Firewall". It is one of the most advanced free firewalls that I have encountered, and the one I personally use. However, it is not recommended for basic users, since its configuration requires a very good understanding of the Windows operating system, its architecture, and TCP/IP.

Security tips and tricks

Be cautious with your computer's administrator passwords. Never store them anywhere; always memorize them, as they are the key to your system. Someone who is trying to gain remote access to your system won't get through if they cannot guess your password. Try to include a combination of special characters, numbers and letters in your password.

Download software only from reputable websites; these include Cnet.com, FileHippo.com, Soft32.com.

These websites never host malicious software, and always scan it with an antivirus before hosting it.

Always scan your USB flash drives with your antivirus before opening them. Simply right-click your drive in My Computer, and select 'Scan with' followed by your antivirus.

Run a full system scan every month. This will help remove any viruses that have crawled in.

Never turn off your antivirus software or your firewall. People often suggest turning them off.

If possible, get a security expert to analyze your computer once a month. A security expert will check your computer in great detail and will suggest removing any programs that may compromise your computer.

Windows Update - Always use Windows Update and set it to automatic. Windows updates are critical system patches that strengthen your system security or patch vulnerabilities found by Microsoft security experts. Many people don't realize the significance of Windows Update until they are infected.

User Account Control - User Account Control is a security feature in Windows that should always be 'ON'; it prevents the execution of malicious code.

Web browser - Always update to a newer version of your web browser; newer versions are better, faster and more secure. Because everything today is web-based, the security of your web browser is the most important thing.

User accounts - Always keep the guest account disabled, and create a new administrator account for yourself. Never use the default administrator account.

These are the basic steps that you can use to secure your Windows computer.
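
The firewall, User Account Control, user account and Windows Update tips above can be checked from a PowerShell prompt instead of clicking through each dialog. This read-only audit is an added example, not part of the original article; `Get-BaselineAudit` is a hypothetical name, and the script assumes Windows PowerShell 5.1 on Windows 8 or later, which is newer than the Windows 7 the article describes.

```powershell
# Added example: read-only audit of four settings from the tips above.
# Assumes Windows PowerShell 5.1 on Windows 8 / Server 2012 or later.
function Get-BaselineAudit {
    $results = @()

    # 1. Windows Firewall: every profile (Domain, Private, Public) should be on.
    foreach ($fw in (Get-NetFirewallProfile)) {
        $results += [pscustomobject]@{
            Check = "Firewall profile '$($fw.Name)' is on"
            Pass  = ("$($fw.Enabled)" -eq 'True')
        }
    }

    # 2. User Account Control: EnableLUA = 1 means UAC is on.
    $uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $lua = (Get-ItemProperty -Path $uacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
    $results += [pscustomobject]@{
        Check = 'User Account Control is on'
        Pass  = ($lua -eq 1)
    }

    # 3. Built-in accounts, matched by well-known RID (501 = Guest,
    #    500 = default Administrator) so renamed accounts are still found.
    foreach ($acct in (Get-LocalUser)) {
        $sid = $acct.SID.Value
        if ($sid -like 'S-1-5-21-*-501') {
            $results += [pscustomobject]@{
                Check = "Guest account '$($acct.Name)' is disabled"
                Pass  = (-not $acct.Enabled)
            }
        } elseif ($sid -like 'S-1-5-21-*-500') {
            $results += [pscustomobject]@{
                Check = "Default administrator account '$($acct.Name)' is disabled"
                Pass  = (-not $acct.Enabled)
            }
        }
    }

    # 4. Windows Update: NotificationLevel 4 = download and install automatically
    #    (1 = disabled, 2 = notify before download, 3 = notify before install).
    $au = (New-Object -ComObject Microsoft.Update.AutoUpdate).Settings
    $results += [pscustomobject]@{
        Check = 'Windows Update is set to automatic'
        Pass  = ($au.NotificationLevel -eq 4)
    }

    $results
}

Get-BaselineAudit | Format-Table -AutoSize
```

Any row with `Pass` set to False points at the matching tip above; the script changes nothing on the machine.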




Geek-Assist.com is a leading provider of 24/7 online computer support services. Geek Assist also provides security consultation to help users secure their computers against hackers, viruses and malware, and to help with firewall configuration. Geek-Assist is currently solving hundreds of issues every day while being one of the most affordable online computer support solutions. Call 888-408-5784 (toll free) now to get instant help.




6 Ways in Which Microsoft Windows Vista Secures Your PC


Global reach and the information highway have changed the way individuals and businesses function. Computerization, the World Wide Web, and B2B and P2P applications have added a zing to business activities. The reach has grown beyond physical confines and boundaries to embrace the world.

In the fast-paced world of business, what causes grave concern is security. With the use of computers and links to cyberspace, corporate crime is at an all-time high and

1. High-level security. Most companies spend thousands of dollars securing their business data because, with the advent of the World Wide Web, cyber thievery is at an all-time high. Vista is designed to provide multiple layers of protection. It will protect the business from external attacks, and crucial information and data can be protected by creating a fortress of authorized access.

2. Backups are automated and files can be recovered easily. So, if any information is inadvertently deleted, it can be recovered.

3. Since the cyber highway is where security is lax and threats exist, Vista includes Windows Internet Explorer 7. This is very advanced, provides a great deal of browser security and offers privacy protection. So while your employees can browse the World Wide Web for business-related purposes, thieves will not gain ready access to your company systems.

4. The Windows Defender program has been integrated into Vista to protect your business system from malicious software.

5. Wireless networking systems are secured by Vista such that employees can connect to multiple networks simultaneously without any trouble. It has a secure wireless networking protocol and Wi-Fi Protected Access 2 (WPA2).

6. Internal threats are averted, as Vista keeps data secure and confidential through encryption, a high level of protection, and selective authorization of removable storage devices such as USB and flash memory drives.

Vista has been developed with today's threats to computer users in mind. A new version of Windows Firewall has been developed to protect computers from inbound and outbound traffic threats. The UAC, or User Account Control, has been under continuous revamping and takes into consideration serious criticisms made throughout Vista development by techies on the Vista watch.

Paul Thurrott, who has been monitoring Vista since the very start, has written glowing reviews of Vista security features: the integrated anti-spyware product Windows Defender, security improvements to IE7, parental controls, and more.

Security enhancements in Vista are more than welcome, and users, both business and individual, are looking forward to the release of the final Vista package.




Aaron Brooks is a freelance writer for http://www.1888softwaredownloads.com, the premier website to find Free Software Downloads including free anti-virus software, free spyware detection software, free toolbars, free chat software and more. He also freelances for Free Online Games site http://www.1888freeonlinegames.com/profile-miniclip-games-10.html