10 steps Windows PC owners can take to secure their computers
In today's world, the Internet is no longer a safe place for Windows PC users (not that it ever was). Criminals are exploiting vulnerabilities in web sites, web servers, email, browsers, and unsecured or under-secured Windows computers.
Some of the current exploits making the rounds use JavaScript functions to install malware onto vulnerable Windows-based PCs. Some of these exploits are being secretly installed into the operating system of web servers, causing the exploit code to appear on every web site hosted on that server (a horrible situation). The individual web site customers are at the mercy of their hosting company to detect and repair the rootkit infection that adds the exploit code to every home page on that server. Web hosts are usually informed about exploits in the wild that target their operating systems, and they usually apply the necessary patches and re-compile the Apache Kernel, or Windows Server OS, as soon as possible.
Another related attack vector comes from individual web sites that use insecure scripts, which various hackers search for. Hackers send bots to probe every website they can find, following links in search results and on websites they have already visited. The bots are programmed to attempt to run various types of exploits against that website. The exploit attempts I see most often involve trying to exploit PHP scripts, or web pages, to perform HTTP redirects to hostile scripts hosted on other servers. A website owner who is not fully up to speed about security issues may install a vulnerable script, or copy insecure code from an open source project, only to have his website used as a redirector to hostile code.
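A site owner can look for this kind of probing in their own access log. The following is an added example, not code from the original post: it flags requests whose query-string values are absolute URLs pointing at a host other than the site's own. The log lines, host names and the function name `find_remote_url_probes` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Nov/2007:10:01:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Nov/2007:10:01:09 +0000] "GET /index.php?page=http://files.example.net/x.txt HTTP/1.1" 200 312 "-" "libwww-perl/5.805"
198.51.100.23 - - [12/Nov/2007:10:01:10 +0000] "GET /go.php?url=%68ttp%3A%2F%2Fbad.example.org%2Fa HTTP/1.1" 302 0 "-" "libwww-perl/5.805"
203.0.113.9 - - [12/Nov/2007:10:02:44 +0000] "GET /go.php?url=http://www.example.com/contact HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# client IP, method, request target and status code from one log line
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# absolute or protocol-relative URL at the start of a parameter value
REMOTE_URL_RE = re.compile(r'^(?:(?:https?|ftp):)?//', re.IGNORECASE)


def find_remote_url_probes(log_text, own_hosts):
    """Return (client, path, parameter, remote_host, status) per suspicious request.

    own_hosts: host names that legitimately appear in this site's URL parameters.
    """
    own = {h.lower() for h in own_hosts}
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, _method, target, status = m.groups()
        parts = urlsplit(target)
        # parse_qsl percent-decodes once; decode again to catch double-encoding
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            value = unquote(value).strip()
            if not REMOTE_URL_RE.match(value):
                continue
            host = (urlsplit(value).hostname or "").lower()
            if host and host not in own:
                hits.append((client, parts.path, name, host, int(status)))
    return hits


if __name__ == "__main__":
    for hit in find_remote_url_probes(SAMPLE_LOG, {"www.example.com"}):
        print(hit)
```

A hit answered with 200 or 302 deserves a closer look at the named script and parameter, since the script may have acted on the supplied URL rather than rejecting it.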
Finally, there are JavaScript exploits being used on web pages hosted, unknowingly, on Windows computers that have been taken over by the Storm Trojan. When people are enticed to visit those web pages, the JavaScript routines will attempt to download and run hostile code against them, which, if successful, will add their computer to this ever-growing botnet. See my recent blog post about the Storm Botnet, or search my blog for the phrase "Storm Trojan."
Here are 10 steps that PC users can take to protect their computers from all JavaScript exploits.
- Apply all available Windows/Microsoft Updates, including Office product patches. This is a MUST DO.
- If you have not updated your copy of Internet Explorer to version 7, do so now, then use Windows Updates to apply all released patches for it. IE 7 has built-in security features that simply cannot be applied to previous versions of that browser.
- Set your Internet Explorer security level to medium high, or high. This will cause prompts to appear when scripts are asking for permission to run, which will be on almost every website you visit. This will drive you crazy, but at least give you a fighting chance.
- Turn on the anti-phishing filter in IE 7.
- To avoid the craziness that goes with securing Internet "Exploder," download and install the latest version of the Firefox browser and make it your default browser for browsing the Internet. Firefox does not run ActiveX controls at all and does not allow stealth downloads or installs. Every add-on or download must be manually approved. Set the options in Firefox to automatically check for updates to both the browser and any add-ons you've installed.
- Install the NoScript add-on for Firefox, which blocks all known JavaScript and iFrame exploits, if you configure it properly. NoScript blocks JavaScript functions on websites by default, but allows you to override it selectively for sites you trust.
- If you are uncommitted regarding an Internet Security product, try Trend Micro PC-cillin Internet Security 2008. It has resident shields that will intercept hostile scripts embedded in web pages, before they are downloaded to your browser. It also removes viruses, rootkits and spyware.
- If you are currently operating as the Computer Administrator you should consider reducing your exposure to malware by changing to a Limited User account. This is not a trivial matter, but offers tremendous protection against accidental infections. I have also posted an article on my blog explaining how running with reduced privileges can protect you online.
- If you are on broadband Internet, make sure that you have a NAT (Network Address Translation) router between the modem and your computer. NAT routers hide your computers from incoming TCP/IP and UDP probes by malicious scripts and infected computers. Some modems have built-in NAT router sections, but some don't. A straight connection from a broadband modem to a PC can make it vulnerable to scripted attacks aimed at your TCP ports. A software firewall is a must for PC owners. Windows XP contains a built-in one-way (incoming) firewall, while Vista has a two-way firewall (in and out).
- Scan for acquired malware threats often, using up-to-date applications and definitions.
By applying these 10 steps you will have secured your PC as much as possible, while still allowing it to function on the Internet. The advice about running with reduced user privileges has been officially applied by Microsoft to their Windows Vista operating system. Vista users normally operate with reduced privileges, unless administrator overrides are required to install or uninstall a program or driver. It is still up to the user to determine if this is safe or not.
In the end, it is always up to the computer owner to decide what level of security they can tolerate, and what programs or add-ons they will allow to be installed onto their computers. If the user is duped by a cleverly worded spam email message, into clicking on a hostile link, no security warnings known to man will prevent them from installing what might turn out to be a Trojan horse application. It happens every day! Be vigilant and practice safe Hex!
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.