Security Watch
Microsoft Makes Naughty List With 13 Bulletins for December
For those who have gotten accustomed to the small Microsoft Patch Tuesdays of the past few months, here's a rude wake-up call: Microsoft is finishing 2011 with 13 bulletins.
Looking at the bright side (if there is ever a bright side of testing and installing 13 fixes), only three were deemed "critical" by Microsoft. All three take care of remote code execution holes in different areas of Windows.
In fact, out of the remaining 10 "important" items, five also try to patch up remote code execution issues.
Microsoft is also trying to look at the bright side (if there is ever a bright side of creating and distributing 13 fixes) by focusing on the news it wants users to take to heart: There were only three critical items.
In a blog entry that accompanied this month's patch, Mike Reavey, senior director of Microsoft Security Response Center, points out that 2011 had the fewest critical fixes in the past eight years. According to the blog posting, only 32 percent of the 99 bulletins released this year dealt with critical issues. This is a stark difference to 2006, where the critical items neared the 65 percent mark.
Do you follow the same prioritization that Microsoft does when deploying updates, or do you see all of them as holes that need to be fixed, no matter their classification? Let me know at [email protected].
Villainizing the Zero-Day
Microsoft security employees deal with so many new threats and security issues on a daily basis that, in comparison, would make a Tom Clancy protagonist look lazy.
One security expert by the name of Mark Russinovich, a technical fellow for Microsoft, believes he's seen enough to create the ultimate fictional bad guy: the zero-day threat. Redmond magazine's Kurt Mackie took some time with the novelist to discuss his new thriller "Zero-Day," in which a security expert must race the clock to diffuse a cyber threat.
While the zero-day threat is real, Russinovich discusses how he created an imaginary flaw where malware was able to evade the honeypot URLs of security vendors. And while he admits that there is nothing like that out in the wild, the possibility of something like that coming along is plausible.
While there are no plans to throw a Jason Statham or Matt Damon on the screen as Russinovich's hero security expert, he is open for a Hollywood adaptation. If that becomes the case, expect a few "It's broken through our fourth firewall," lines to be shouted at a green computer screen.
Shopping for Malware
When shopping Wall Mart online, does it have a dash in the url or is it just one word? The wrong choice may sink your computer.
Security firm Websense is warning that many perpetrators of malware are just waiting for shoppers to accidently type in the incorrect urls. This will lead users to phishing sites that will load up your computer with some of the nastiest bugs online.
The security firm coins this action as "typosquatting," and warns that there are over 2,000 domains set up to catch users trying to get to Web sites of Best Buy, Wal Mart and Apple, to name a few.
The company warns that those shopping from work are also susceptible to this type of attack because many are trying to rush through their shopping during a lunch hour or when the boss isn't around.
Patrik Runald with Websense Security Labs is providing companies some advice to counter those employees who may be snared by typosquatting:
"Careful typing helps, but will never be enough, so it's highly recommended that companies install real-time e-mail and Web security, along with solutions that prevent data theft and loss of confidential information -- protection that traditional antivirus and firewall products don't provide."