Computer Security Will Never Be the Same
This has been a remarkable month and the impact on how I view computer security will never be the same. The last time anything like this occurred was in the 90’s when I was infected with a complex worm looking to steal AOL passwords. When customer support told me to format my hard drive it encouraged me to create WinPatrol. The concept used in WinPatrol had never been done before but since my programming skills were busy on other projects it remained just a side project.
I started April 2014 making it clear what Microsoft’s lack of support for Windows XP would really mean. By the end of the month the worst-case prediction appears to be coming true. Microsoft received details of an active zero-day vulnerability from security platform developer FireEye. Not only does this threat affect nearly all versions of Internet Explorer and Windows, attacks using this vulnerability are currently being reported.
The other major concern in April was called Heartbleed. While the media coverage was over the top, few really understood what this software failure meant. You may have heard that 66% of the world’s web servers were affected. In fact, less than 7% were actually running a version of the program OpenSSL that allowed access to 64kb chunks of data belonging to others. Even with this seemingly low number, Heartbleed opens up a couple of troubling issues.
Problem #1: Data exposed by this flaw was raw and unencrypted. It was available to anyone no matter how secure you made your computer or how sophisticated the attack. The attacker didn’t need to know you to access your data.
Problem #2: This event demonstrated how defenseless we all are any time we use the Internet. This was the result of a programmer and reviewers missing a simple error. I can only imagine how much of the Internet uses software with existing backdoors created by design.
This year I’ve done a lot to make WinPatrol easier and useful to a wider audience. Given these serious threats my motivation hasn’t diminished. The basic concept of WinPatrol detecting changes continues to be a model that makes sense. While some attacks may require the PLUS version we have one advantage. Ironically, WinPatrol isn’t always taken seriously so it continues to notify users while many popular Anti-Virus programs are disabled.
Microsoft released a security update on May 1st. This update will repair the failure found in Microsoft Internet Explorer.
Security Garden: Out of Band Security Update for IE Zero-Day Vulnerability
The patch is available as a Windows Auto Update. Microsoft surprised many by making this available on machines running Windows XP.
WinBeta: I’m sorry Windows XP users, but Microsoft shouldn’t have patched your OS