Top

Homeland Security warns of Windows vulnerability

August 9, 2006 by Mike Wendland 

We’re used to warnings about worms and viruses from the computer industry. But now the U.S. Department of Homeland Security (DHS) is recommending that Windows Operating Systems users apply Microsoft security patch MS06-040 as quickly as possible. This security patch is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an affected system and install programs, view, change, or delete data, and create new accounts with full user rights.

Says the DHS: “Windows Operating Systems users are encouraged to avoid delay in applying this security patch. Attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch. This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users.”

Users can apply the Microsoft MS06-040 security patch at http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx. Home users may prefer to go to Windows Update at http://update.microsoft.com and select “express” to install critical security updates, including the MS06-040 security patch.

The U.S. Computer Emergency Readiness Team has posted a warning dated Aug. 8 on its Web site saying the vulberabilites affect Microsoft’s key applications, including Microsoft Windows, Office, Works Suite, Visual Basic for Applications, and Internet Explorer.

It’s hard for me to get very excited about such things. Finding security vulnerabilities in Microsoft products is pretty much a weekly occurance. But I don’t recall seeing such high level warnings from DHS before. So for whatever it’s worth, I pass it along to you.

Another reason I’m not excited is that I use Macs. Macs aren’t affected by these threats. And that should be a word to the wise… or those weary of the warnings about Microsoft products.

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
  • Bumpzee
  • Fark
  • Furl
  • StumbleUpon
  • Technorati
Filed Under:
Tagged:

Comments

10 Responses to “Homeland Security warns of Windows vulnerability”

  1. Dave Stevens on August 10th, 2006 12:15 pm

    I am already prepared for any kind of bio attack. I have taped and sealed my windows closed with duct tape.

  2. Mark Gandy on August 11th, 2006 10:15 am

    Mike - you make a completely senseless argument that you don’t need to worry because you use a mac….http://docs.info.apple.com/article.html?artnum=61798

    As Apple gains market share, and folks like you continue to make statements of arrogant invulnerability, you will see an increase in the scrutiny and attention the malicous code writes pay to the OS X platform.

    Mark W. Gandy, CISSP

  3. Frank on August 12th, 2006 8:31 am

    I agree with the post from Mark above. I thought you’re supposed to be a technologist Mike? Statements like the one you make about Apple being safe from attacks shows to me that maybe you’re not and a bit naive as well. Maybe you own Apple stock and that’s why you hype it up and make ludicrous statements. Apple is vulnerable. Apple will become even more so as they increase market share - don’t fool yourself - or your readers. I think i’m going to take a break from your column and blog for a while - i’m going to find some other writers that are more knowledgeable, less biased towards the Mac and actually provide accurate information. Get with the times Mike.

  4. keith on August 12th, 2006 4:12 pm

    http://www.usatoday.com/tech/news/computersecurity/hacking/2006-08-02-black-hat_x.htm

  5. Joe on August 12th, 2006 4:43 pm

    Hey, Mark and Frank-
    If the Mac is less vulnerable to bad stuff by virture of its 5% market share, why doesn’t it have 5% of existing viruses (which would be quite a few!) instead of 0?

  6. ToeKnee on August 13th, 2006 11:21 pm

    Hey, Frank and Mark–
    why don’t you read what he wrote before you go yapping your traps. It was clear to me he was talking about the DHS warnings– here’s what he wrote, with my (commentary):

    “Another reason I’m not excited (about the DHS warning, the topic of this post) is that I use Macs. Macs aren’t affected by these threats (again, the ones warned about by the DHS, the topic of this post).

    If you know any history of Mike Wendland, he was “PC Mike” a windows-centric technology writer until just a few years ago when he decided to see what all the Mac excitement was all about. And for the most part, he’s never looked back. He continues to use and write about both platforms, but he uses Mac for his personal stuff, and he has written many times why– and better security is just a part of it.

    The point is, if Mike has a Mac bias, he’s arrived there with knowledge and experience of both sides, which is more than you could say for your own platform bias.

  7. Mark on August 14th, 2006 1:36 pm

    1) I am a Mac user at home - for security reasons. It is much better to keep my wife/kids up and running with less support from myself.
    2) However - the “improved” security bias from common Mac soundbites is not represented accurately - it comes mostly from lack of general scrutiny due to lower market share. Thus my (and perhaps Mike’s) conclusion it is better off to be where “they (the hackers) ain’t” - but only if this condition remains true. If you don’t accept this argument - then please tell me why EXACTLY the Mac is better, and don’t use the number of virus/spyware/hacks reported, because this is expected due to the low level of scrutiny. Tell me what is fundamentally better (also remember that many of the “improvements” have come from Apple cherry picking off best practices from watching the larger petri dish of the MS install base get beat up.)
    3) Mike may have meant with his comments that the Mac isn’t vulnerable to the specific DHS advisory, however he missed a chance to exhort all Mac users to pay the same level of attention to their own patching needs - before it’s too late. And he still implies the Mac has a superior security posture (see #2) which is the wrong message to send.
    4) I don’t have to defend my credentials (I have 15 years of security engineering and architecture experience, across many technologies) and I didn’t ask Mike to defend his. I asked that he not make statements of unqualified Mac security superiority.

    Anyway - I would prefer to continue to surf along in a relatively safer Mac world, and as the superior user experience and form factor allows Apple to gain marketshare, that we not incite the dark forces of the world to look for fame and fortune through malcode. (You never talk about a “no-hitter” in the middle of a game.)

  8. Joe on August 17th, 2006 5:04 pm

    Mark-
    Q. What is fundamentally better about the Mac OS? A. UNIX.
    Here’s one for you. What OS do most financial institutions use for their secure systems? Hint: It ain’t Windows. Based on your #4 statement, you should know this!

  9. Randall Preston on August 20th, 2006 11:30 pm

    Try Laptop Snoop at http://www.laptopsnoop.com for a director of laptop sites with info on Dell, SOny and Gateway laptops.

  10. Scott on September 11th, 2006 8:32 am

    Always love to see the Mac vs Microsoft vs UNIX fights. Frankly put if any one is connected to a network in any way its vulnerable PEROID! Reporters without a clue really should know what they are writing about before print hits the paper. Ignorance is no excuse. Next thing you know we will be reading about the pink elephant who works as a street sweeper in Kalamazoo simply because someone told the reporter there was such a thing and they ignore the fiduciary responsibility to learn and report the truth. Mike I hear ABC is going to do a sequel to the 9-11 mini lie and they could use a writer like you.

    Scott

Feel free to leave a comment...
and oh, if you want a pic to show with your comment, go get a gravatar!





Bottom