Security Corner

Nov 27 2009   5:02PM GMT

Golden Rule #5: If You’re not Patched, You’re a Target

Ken Harthun Ken Harthun Profile: Ken Harthun

OK. So you’ve installed a NAT router, you’ve changed the default login and passsword, and you’ve used an unguessable password. You’ve done everything right so far; however, you still may be vulnerable–in fact, you probably are, even if you keep your operating system patched. In a 2007 Lockergnome posting, I wrote:

“To say nothing of Microsoft Windows, there are few, if any, application software packages that are free of security vulnerabilities. The SANS Institute publishes its Top 20 Internet Security Attack Targets on a regular basis and Secunia currently lists 14,043 pieces of software and operating systems with vulnerabilities.”

Not surprising, Secunia reports that as of November 27, 2009 , the above number has increase by almost 13,300:

“Our database currently includes 27,298 pieces of software and operating systems.”

It probably won’t surprise you that Microsoft leads the list, but that is by no means the only source of security vulnerabilities out there. The truth is, if you’re on the ‘Net and running any unpatched software, you’re a target; I can look at my firewall logs and identify what vulnerabilities are being targeted on my machine. Many of these holes have long since been patched and there’s no excuse for your not having patched them.

So much for the bad news. The good news is that most reputable software companies, when informed of a vulnerability by security researchers, promptly issue a software patch to fix it. These are widely available to the public for free download or through update features built into the software packages. Windows and other software packages allow you to enable automatic updates (which you should do).

Golden Rule #5: A vital part of PC security is keeping up with software patches for ALL of the software on your system, not just the operating system. Where it is available, use the software’s automatic updates feature.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: