By Liam T, Security Advisor, SecureTec Australasia
Firewalls, antivirus, and antispyware programs are an essential part of keeping your computer secure, but allowing insecure programs to access the internet threatens to undermine this protection. An “insecure program” is simply a program which contains a known security vulnerability which all too often has the potential to allow an attacker unrestricted access to the computer. In my experience it is not uncommon to find between 5 -10 insecure programs installed on an average computer.
A firewall can stop unauthorized access to the computer and prevent unauthorized programs from accessing the internet, but allowing an insecure program to access the Internet is a bit like leaving a bank vault door open and hoping the security guard inside (your antivirus/antispyware protection) is tough enough to deal with the criminals which will inevitably show up.
Ensuring you have the latest updates for Windows and “all” the other software installed on your computer will protect your computer from many common security exploits and in essence close the door to the vault. But this can be harder than it sounds, which is why I’m sharing a few tips to make it easier to stay ahead of exploits.
1. Make sure you have enabled Automatic “Microsoft” Updates. The first step in ensuring your computer is up to date, is to make sure that the Windows Automatic Updates are turned on and that you are checking for “Microsoft” Updates as opposed to “Windows” Updates. Microsoft Updates will update the majority of Microsoft products (including Office) in one go, whereas Windows Updates generally only updates Windows itself. To enable checking for Microsoft Updates click the link below and follow the prompts:
2. Check for and update insecure programs. Checking for and updating insecure programs installed on your computer can be quite troublesome, but thankfully this task has been made significantly easier with the release of software scanning tools from Secunia:
Secunia Corporate Software Inspector (more advanced paid version for businesses):
3. How secure are the programs you use? Ensuring software is up to date is an important step in staying secure but it will still not prevent exploits in programs for which a patch or update has not been released. For example, Internet Explorer was vulnerable to exploits for 284 days in 2006, leaving users exposed to potential attacks. Other easily forgotten software which use browser plugins, such as Macromedia/Adobe Flash, Adobe Acrobat, Java and QuickTime, also tend to be hit by several exploits a year. If you would like to check the security of specific programs you use, you can do so here: http://secunia.com/search/
Many users have also experienced fewer incidences of browser exploits using Mozilla Firefox as an alternative to Internet Explorer. Firefox, like Internet Explorer, has its share of security flaws but their patch release time is extremely fast, averaging 1-3 days, unlike Internet Explorer which has at times been weeks or even months before a patch was released. More information about Firefox can be found here: http://www.mozilla.com/firefox/. Users of alternate web browsers like Firefox still need to ensure that the plugins for their browser such as Flash, Acrobat, Java and QuickTime are always kept up to date.
As many security exploits target common web browsers and their plugins, ZoneAlarm ForceField was released to provide protection against these threats. ZoneAlarm ForceField protects Internet Explorer and Mozilla Firefox, and their plugins, by creating a virtual "bubble" around the web surfing session, protecting the computer from fraudulent websites, Phishing scams, Spyware websites, and dangerous downloads. If you aren’t already using it, you should seriously consider it.
NOTE from the ZoneAlarm team: ZoneAlarm security suites also have a program control feature that may provide some protection when no vulnerability patch is available. By default, ZoneAlarm program control’s “least-privilege” policy can help prevent an application from running in a way that allows the vulnerability to be exploited. For example, say a vulnerability exists for an application and you cannot patch it yet. The vulnerability may require that the application have server rights
to in order to be exploited, but thanks to the least-privilege policy, server rights would not be granted.