Posted by Geraldine Hunt on Tue, Mar 6th, 2012
There are no silver bullets against security threats.
In folklore, silver bullets are the only ones supposed to be effective against witches and werewolves. Unfortunately for system administrators, silver bullets have never made it beyond the world of folklore. In particular, they do not exist to protect against security threats.
One can use the best spam filter, only to find out that a best friend's account is being used to send spam which then makes it through the filter. One can have the best anti-malware technology, only to become the victim of a targeted malware attack using a zero-day exploit.
One's important data may be stored on a machine without Internet connection, only for one to discover an employee taking the hard drives upon leaving the company.
Some very basic steps go a long way to keep threats at bay
A recent report from M86 shows there is a very basic step sysadmins can take to keep most threats at bay. According to the report, the most observed web exploit used an ActiveX vulnerability in Internet Explorer that was discovered, and subsequently patched, in 2006. 2006! In 2006, we didn't have iPhones or iPads, Barack Obama was a promising senator and countries' GDP just grew magically.
And this ActiveX vulnerability is no exception: all other popular exploits are several years old, and one even dates back to 2002. Sophos reported a 14-month-old vulnerability that is still actively being exploited, while Symantec said it has seen a rise in malicious PDF spam that exploits a vulnerability patched in March 2010.
Patch, Patch, Patch
For once, the solution to these threats is simple: patch. Patch your operating systems and patch your software, including those programs that you rarely use or that you don't think anyone will bother finding vulnerabilities in, because eventually they will. It is patch or be pwned.
Note: This article comes courtesy of Martijn Grooten who works for Virus Bulletin in the UK, where he runs comparative anti-spam tests.