Bugs and Fixes: Halt Worms and Viruses in Their Tracks

Illustration: Greg Clarke
Remember the virus blitz that struck late this summer? First, we were bombarded by the Blaster worm, and then by variants of the Sobig virus. Further, Microsoft had discovered, as of this writing, three new holes similar to the ones that Blaster exploited. If you haven't already, go to Microsoft Security Bulletin MS03-039 to grab Microsoft's fix and keep hackers off your turf.

Welcome to the new era of viruses. Blaster and its subsequent variants are good examples of how yesterday's "theoretical" attacks become today's real-world problems. The security sleuths who find holes in software often publish online the code they used to expose the weakness. And in the case of Blaster, cyberthugs were able to employ the code to create a catastrophic worm.

So expect crackers to cook up attacks more quickly than before. That means you need to step up your defense practices, now more than ever.

What You Can Do

Update your virus definitions regularly--ideally on a daily basis. Just as often, visit sites that document the latest threats to find out what subject lines and file-attachment names the newest viruses are using. Look at McAfee (find.pcworld.com/37985), Symantec, and Trend Micro.

Install Microsoft's "critical" updates (go to Microsoft Windows Update), but be careful. I always look out for any serious problems with patches before I adopt them, though I don't wait longer than a week or so. I usually visit support forums to read users' descriptions of problems. My favorites: Microsoft Technical Communities, Tech Support Forum, and WinGuides Support Forums. If I read any reports about a patch causing crashes, problems with the operating system I use, or conflicts with installed programs (such as a particular antivirus application), I steer clear of the patch for a while.

On top of being proactive about virus research, there are other things you can do. Be skeptical about e-mail attachments even from people you know, unless you are expecting something; the same advice goes for strange subject lines. Avoid looking at suspicious e-mail messages in preview mode. Better yet, disable the preview feature entirely.

Whenever you step away from your computer, put your machine into hibernation or standby mode. Doing so will help stop attacks like Blaster, which infected systems by wandering the Internet looking for PCs with communications ports left unguarded.

The frustrating thing is that Microsoft had already released a patch for the very security hole that the Blaster worm exploited a month later (the fix is rolled into the patch mentioned in the first paragraph). To head off potential problems, Microsoft says, it may soon make automatic installations of updates the default setting in Windows. (See this month's News and Trends for a report on Microsoft's proposal.) I think that's a bad idea. Sure, such automation may help prevent the rapid spread of virus infections. But allowing Windows to automatically download and install updates that may be half-baked could be dangerous for your PC's health.
