Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Tuesday, April 29, 2014

Computer Security Will Never Be the Same

This has been a remarkable month and the impact on how I view computer security will never be the same. The last time anything like this occurred was in the 90’s when I was infected with a complex worm looking to steal AOL passwords. When customer support told me to format my hard drive it encouraged me to create WinPatrol. The concept used in WinPatrol had never been done before but since my programming skills were busy on other projects it remained just a side project.

aprilI started April 2014 making it clear what Microsoft’s lack of support for Windows XP would really mean. By the end of the month the worse case prediction appears to be coming true. Microsoft received details of an active zero-Day vulnerability from security platform developer,
FireEye.  Not only does this threat affect nearly all versions of Internet Explorer and Windows,  attacks using this vulnerability are currently being reported. 

The software  already “in the wild” uses a Flash(.swf) file to call JavaScript in Internet Explorer eventually accessing protected memory that had been randomized as a form of protection. The entry method has been a known flaw since last October but until now wasn’t found to trigger this kind of attack. Microsoft has posted a new security advisory at https://technet.microsoft.com/en-US/library/security/2963983. The Microsoft Security Response Center has been working through the weekend  testing a solution they hope to release soon.  Even though the flaw is in Internet Explorer if you’re using Windows XP you won’t receive an update. No matter how much you’re tempted to view a video you hear about on Facebook, Twitter or in your Email, don’t do it.

tvbleed

The other major concern in April was called Heartbleed.  While the media coverage was over the top, few really understood what this software failure meant.  You may have heard that 66% of the worlds web servers were affected. In fact, less than 7% were actually running a version of the program OpenSSL that allowed access to 64kb chucks of data belonging to others.  Even with this seemingly low number, Heartbleed opens up a couple of troubling issues. Problem #1: Data exposed by this flaw was raw and unencrypted. It was available to anyone no matter how secure you made your computer or how sophisticated the attack. The attacker didn’t need to know you to access your data.  Problem #2: This event demonstrated how defenseless we all are any time we use the Internet. This was the result of a programmer and reviewers missing a simple error. I can only imagine how much of the Internet uses software with existing backdoors created by design.

This year I’ve done a lot to make WinPatrol easier and useful to a wider audience. Given these serious threats my motivation hasn’t diminished.fontalert The basic concept of WinPatrol detecting changes continues to be a model that make sense. While some attacks may require the PLUS version we have one advantage. Ironically, WinPatrol isn’t always taken seriously so it continues to notify users while many popular Anti-Virus programs are disabled.

.

 

UPDATE 5/2/2014
Microsoft has released a security update on May 1st.  This update will repair the failure found in Microsoft Internet Explorer.
Security Garden: Out of Band Security Update for IE Zero-Day Vulnerability
The patch is available as a Windows Auto Update.   Microsoft surprised many by making this available on machines running Windows XP.
WinBeta: I’m sorry Windows XP users, but Microsoft shouldn’t have patched your OS

Labels: , , , , , , , , , , ,

Share on Facebook


1 Comments:

Blogger Unknown said...

Not sure who had the brilliant idea to take away my ability to change the tray icon to the nice blue round one instead of this butt-ugly green flat thing. Frankly, small item though it may be to you, it pisses me off enough to uninstall this program from my computer. I've been a loyal customer for many years. I don't like the new guy, I don't appreciate the changes. Hope all goes well for you, but I won't be sticking around to find out.

6:18 AM  

Post a Comment

<< Home