After another security hole recently surfaced in Microsoft’s Windows operating system, the software giant released a patch this past Friday to plug the possibly devastating back door which allows hackers to potentially seize control of any pc running Windows. The latest threat, Download.Ject, infiltrates computers after users browsing with Microsoft’s Internet Explorer web browser see sites infected with the virus. Several factors make this newest development more disturbing than previous discoveries of security issues with Internet Explorer, currently the most dominant web browser in the marketplace.
It demonstrates very clearly that offenders discovered they can use the ability of viruses to quite profitably steal significant bank, private, and credit information from those on a huge scale. Secondly, it took pornographic virus alert from microsoft what many would consider a lengthy time to think of a patch for this issue. Before a fix appeared, Microsoft told everybody who uses Internet Explorer to stick their finger in the dyke by placing their internet browser security settings on high, making it impossible to see or use features on many sites and web-based services.
Third, expect this to occur Again as new holes available in the future when Microsoft makes Windows more complex, adds layers of code, and generally makes the operating system more complicated. Though free and reasonably reliable, a lot of people do not automatically upgrade their Windows operating system via the update service on Microsoft’s web site. Whenever Microsoft publishes a Security upgrade, especially for a highly researched and obviously widespread security violation, thousands of people would not immediately download the upgrade. In Reality, tens-of-thousands of Users would not download these security updates for days, weeks, even months if ever. So let me ask what sounds like a very basic question: By releasing security upgrades that point out quite obvious flaws in their system, does not Microsoft also point the way to precisely where the holes exist?
Does not this speed the same as discovering the local bank vault will not lock and then announcing the details on the front page of the newspaper together with the dates and times no lender guard will be on duty? After all, if tens-of-thousands of users would not immediately receive the Microsoft Security Patch, do not those patches show hackers precisely which holes have plugged and which, logically, must already be available with no patch? It does not take a hacker with More than a simple set of skills to recognize where and what holes got fixed and then reverse-engineer how they could get into computers that do not get upgraded.