Latest Windows hole the last straw

Stan Beer
Monday, 14 August 2006 17:20

Opinion and Analysis

The news that a much feared new worm has been let loose to exploit the latest vulnerability in Microsoft Windows, made known last week when the software company released its security update MS06-040, will no doubt be the last straw for many users.

Those who have been forced to arm themselves to the teeth with multi-layer security defences, including firewalls, anti-virus, anti-spyware, anti-phishing and anti-whatever packages, only to see their systems get taken down by some new Windows or Office vulnerability, must be wondering what they need to do to feel safe when they go online.

In what has become a bizarre monthly ritual that hopefully will one day be consigned to the garbage dump of history, Microsoft saves up all the fixes for new vulnerabilities in its systems that it or someone else discovers and issues the fixes to its hundreds of millions of users on the second Tuesday of the month.

With monotonous regularity, each month, Patch Tuesday as it has become known reveals a dozen or more serious deficiencies in Microsoft's software. Some of the bugs are so critical that if malicious attackers were to exploit an unpatched system they could gain control of an online computer without the owner having to lift a finger.

As critical as these bugs have been each month, the vulnerability addressed by security update MS06-040 is so serious that the US Department of Homeland Security has felt the need to get on the act and warn users to install the patch. No reason has been given for the Government agency to get involved. However, there is a possibility that it not just worried about cyber criminals gaining remote control of computers.

For many Windows users who have been hacked and had their systems compromised despite their best efforts at protecting their systems, at least some must be now wondering whether it is time to consider looking into whether there is a safer alternative.