It was on Tuesday night that I noticed a slew of updates for my Windows 7 computer. Normally, there’s one or two that come through but I was quite surprised at the large number.
I’m still not quite sure while the USB driver failed to install but the rest was good. Generally, I just go ahead and let the software update go ahead and apply the patches without too much concern on my part. Periodically, though, I’ll give the update a link to get some more details about give it a read.
That does sound serious. I’d better dig for some more details.
Yes, this is indeed serious… I read it three or four times trying to understand what was happening and must now confess that I haven’t a clue. There must be some pretty smart people writing the malicious code that will exploit these vulnerabilities. In response to the birage of updates, there were messages indicating that people felt pretty smug about running the Macintosh OS or some version of Linux. But, as Miguel Guhlin points out, that may be a false sense of security. His post “Mac Antivirus Solutions” offers a balanced lesson in common sense about the dangers of anyone who is connected to a network or sharing files.
Fortunately, there are a lot of really smart people who are writing the updates and software that combat the malicious code and all that users need to do is keep updates posted and anti-malware functional and updated on your computers, right?
Further exploration reveals an even deeper discussion than simply patching and applying software to stop things. In an entry on the Microsoft security website, there is a call for “The Need for Global Collective Defense on the Internet“. It is a good read and thoughtfully indicates that this is more of an “us” problem than a “you” problem seeking a different type of solution. Microsoft shares a vision of an internet with “End to End Trust“. Both are excellent reading to provide some deeper insights into this issue. Why do we need to worry? After all, we’ve come to live with spam generated by email malware, right? It only takes an incident like the virus reportedly loose at the Iranian nuclear plant to make you realize that we’re all in this together. Running a Macintosh computer won’t bail you out of a catastrophe like that.
Are we our own worst enemies in this?
The malware authors have great targets. There are so many folks that just don’t know or care to get their computer protected. There is a sense among many that getting it right is a one time event instead of an ongoing process. I’m amazed at point of sale computers in stores or computers in schools or information kiosks or accounting systems in offices that are running on very old computers with very old software. Immediately noticeable is the operating system. Without a doubt, Windows XP is the most common operating system. Microsoft developed a powerful product at the time. This operating system was introduced October 21, 2001 and has three service packs. Support for the product ended on June 13, 2010. Will it go away? It’s hardly likely. People feel comfortable with its functionality and the applications that run on it. I’ve got a computer – why do I need to do anything more?
If you’ve stuck with this post this far, I would offer one more link to think about. It’s all about Battling Botnets. It provides a deep discussion on the topic and is fairly readable. It also affirms the notion of staying current with your operating system. Are older operating systems at risk? Take a good look at the chart and the underlying analysis. Of interest if the maturity of Windows Vista and Windows 7 compared to Windows XP. Can you justify not upgrading based on this? Can you afford to? Can you afford not to?
So, smart people, what can do you do about it? In the original Microsoft article, they do talk about taking global action on this. They make reference to France’s Signal Spam and Japan’s Cyber Clean Center as examples of what can be done. Could an initiative like this take place in the bigger forum? Can ISPs unite to detect infected computers and shut them down until cleaned? Can we get smart people to upgrade and take a safer approach? In schools, can we address malware as big social issues rather than just “make sure you’re updated and use anti-virus”.
Smart people – can we learn from this?