While Ad Blocker will stop known ads from displaying,
the recent Aurora attack can be propagated by
clicking on a link at a malicious/compromised web site,
opening a link in an e-mail, or opening an IM link.
In previous Aurora attacks, having Internet Explorer's
Data Execution Prevention turned on would block the
attack, but a newer technique gets around that.
Microsoft is deploying an emergency patch today for the
problem instead of waiting for the second-Tuesday-of-
the-month patch day.
For your e-mail and casual browsing, do you have
admin capability? A quick way to test is to
right-click on the time in the corner of your desktop.
If you can change the system time, you have admin.
Microsoft describes in their white paper:
Least_Privilege_to_User_Accounts_on_Windows_XP.doc
- - - - -
If a user authenticates as a member of
the local Administrators group, the
desktop and any programs that the user
starts will run with the full access
rights and permissions of an administrator.
Users who have administrative rights can
carry out the following actions, which
are legitimately required to administer
a computer:
Install, start, and stop services and device drivers.
Create, modify, and delete registry settings.
Install, run, and uninstall programs.
Replace operating system files.
Terminate processes.
Control firewall settings.
Manage event log entries.
Install Microsoft ActiveX® controls.
Access the SAM.
For the majority of computer users,
these rights are unnecessary and
significantly increase the risk to
the computer. Because a user with
administrative rights can make these
system-wide changes, so can any
program that a user with administrative
rights runs, either intentionally
or accidentally. Hence, if a user
authenticates with administrative rights,
it is far easier for malicious software
to install onto that computer.
- - - - -
You would not leave your repeater controller in an
unlocked state; you shouldn't web surf with admin.
Your admin sign on is password protected, isn't it?
A second, common breach is through unpatched
third-party applications. Update your Real, Shockwave
Flash, etc. players. Your PDF viewers. Other
applications.
Java used to leave their old versions with security
problems installed. Update to the latest Java (I think
it's Java 6 Update 18) then go to Control Panel,
Add or Remove programs, and remove your old Java
installs so their flaws can't be used by malware.
AA8K73 GMail wrote:
>
> One technique I haven't seen mentioned,
> perhaps because everyone does it, is
> to set up another sign on without
> administrative capabilities.
>
> Whenever I use my e-mail or browser client,
> I Log Off my administrative sign on, and
> Log On to my non-administrative sign on.
> It's a bit of a pain, but can prevent
> malware from modifying your system.
>
>
> I also use Mozilla Firefox instead of
> Internet Explorer. In Firefox, you can
> turn off JavaScript, image downloading,
> pop-ups, etc, and it has no Direct-X.
>
> For sites that insist on requiring JavaScript,
> I use the NoScript Firefox add-on. It will
> prompt me whether to allow JavaScript for
> any particular web site. NoScript can easily
> allow sites you approve to always allow Java.
>
> The Firefox FlashBlock add-on prompts you
> before running any Flash. It stops that
> vulnerability and is great for stopping
> those twitching ads.
>
> Another add-on is Web Of Trust (WOT). It
> puts up amber and red flags on sites that
> have problems reported. But, I digress.
>
>
> Mike - AA8K
>
>
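A scripted version of the two checks in the message above (whether the current sign-on has admin rights, and whether old Java installs are still present), added here as an example and not part of the original post. It assumes Windows PowerShell; the function names are hypothetical, and the registry paths are the standard Windows uninstall keys.

```powershell
# Added example, not from the original post. Function names are hypothetical.

function Test-IsAdministrator {
    # True when the current token carries the local Administrators group.
    # On Windows versions with UAC, a non-elevated session of an admin account
    # returns False here because the token is filtered until you elevate.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-InstalledJava {
    # Reads the "Add or Remove Programs" entries from the uninstall keys
    # (the second path only exists on 64-bit Windows, for 32-bit installs).
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match 'Java|J2SE Runtime' } |
        Select-Object DisplayName, DisplayVersion, UninstallString |
        Sort-Object DisplayName
}

if (Test-IsAdministrator) {
    Write-Warning 'This session has administrative rights. Use a non-admin sign-on for e-mail and browsing.'
} else {
    Write-Output 'This session is running without administrative rights.'
}

$java = @(Get-InstalledJava)
if ($java.Count -eq 0) {
    Write-Output 'No Java entries found in Add or Remove Programs.'
} else {
    Write-Output ("Java entries found: {0}" -f $java.Count)
    $java | Format-Table -AutoSize
    if ($java.Count -gt 1) {
        Write-Warning 'More than one Java entry is installed. Remove the older versions after updating.'
    }
}
```

The script only reports; removing the old entries is still done through Control Panel as the message describes.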