Well, you saw my post earlier this week on the 1.96% of PCs being updated according to Secuina. Well, as time does, I decided to install this tool as well to look at it. I did an initial scan on my home PC and this was the outcome:

Outch, this hurts my soul but shows as well the problem: I definitely have all our software updated and with must of the solutions above, I have the updates switched on (except Apple, where I switched it off when they wanted to install Safari as an update :()

But honestly, the tool is pretty cool. If you switch to advanced mode, you even get pretty detailed information:

So, this makes me really think. This is a PC which I really look after and keep it updated. Nevertheless I seem to have failed.

This shows me the fundamental problem: If I am not able to keep it up to date, how shall my Mom and Dad? The Secunia Personal Software Inspector helps a little bit but I am nut sure whether my parents are able to handle it. So, what we are basically missing is a central point and mechanism to distribute security updates. But who controls this channel? Who ensures that no criminal can get access to it? That no viruses are distributed?

Still a long way to go…

Roger

P.S: Do not even try to attack my PC based on these vulns – they are closed in the meantime

This is an interesting thing: I just read this post on ZDNet. The blamed us for being the key target for viruses and they always told me that they do not have a security problem. I am convinced that there is no software product having no security vulnerabilities and Apple proved over time that they are not doing that good and that their marketing and reality is sometimes pretty far apart. The following chart is from Jeff Jones’ Desktop OS Vulnerability report:

At least it seems that the technical side of Apple realizes that running AV software is absolutely key. I quote the blog above:

Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.

Even though I understand the reasoning of running more than one AV product (we were doing that on Exchange and SharePoint as well), I do not think that it makes a lot of sense – from a resource consumption standpoint – to run more than one product on the Desktop. But the change in strategy is remarkable and I am more than happy to see that

Roger

Today I was having a discussion with a religious Mac fan claiming that the only problem with security on the Internet is Windows and then I read this article on ZDNet: Despite what blogs (and Apple) say, Macs will eventually have malware

In there it is referenced that the article I was quoting yesterday seems to have been bogus – see here: False Alarm: Apple Mac OS X Anti-Virus Recommendation Is Old

Now, it still seems that Apple users feel extremely safe – despite the fact that they have significantly more vulnerabilities than us. And it is just a matter of time and a matter of an attractive target until Mac will be attacked. It is ridiculous to think that anybody is safe – it is just a matter of economy: How much time and money do you want to invest in attacking a platform…

The three steps (Firewall, Computer Updates, AV-Software) to me are as important on Mac and Linux as they are on Windows

Roger

You know that I rarely blog on Advisories we publish unless they are heavily critical. I just want to make sure that you have seen this. MSRC (the Microsoft Security Response Center) constantly updates this advisory with workarounds. Please take this very, very serious:

• Microsoft Security Advisory (961051)
• Details on updates by MSRC
• Details from Security Vulnerability Research & Defense
• Limited Exploitation of Microsoft Security Advisory 961051 (Microsoft Malware Protection Center)

Roger