Vulnerabilities on the Microsoft Windows platform have reached a significant plateau.

There are now viruses that can embed themselves in benign content like HTML or JPEG images. This is an unprecedented level of insecurity: a user may be infected with a virus simply by viewing a document. Whereas before it required a proprietary Word or Excel file with an embedded macro virus, today it is possible to extend ostensibly open file formats to include an exploit.

How did Microsoft nurture the development of these kinds of viruses? It would seem that a secure platform like Windows NT would be impervious to any kind of virus attack.

The truth is, Windows NT/2000/XP is extremely well protected. There are file restrictions that allow only a privileged user to modify operating system files. Unfortunately, the pervasiveness of Windows 95/98/ME has enabled the escalation of trojan viruses. More significantly, the fact that many NT/2000/XP users log on with the Administrator account provides further possibilities for trojan applications to take advantage of your workstation. Fortunately, this can be easily fixed by logging in with an unprivileged account.

At this point in development, the real virus danger on Windows NT/2000/XP comes from trojan applications that capitalize on social engineering to inject themselves. There is very little that can be done to prevent this from happening, because anyone can write a program to masquerade as a trusted source. For example, by using the Microsoft logo in an application startup screen, it would be possible for my program to appear as though it were from Microsoft.

To combat this, software should be installed only from trusted sources on trusted media or verified electronic distribution. Users who understand this and who employ the controls of a privileged account for installs will be protected. Everyone else will be seeking refuge in the burgeoning computer support market to recover their computer operating systems from any number of trojan applications.
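A logo on a startup screen proves nothing, but a code signature and a vendor-published hash can be checked before an installer is run. The following is an added example, not code from the original post, showing one way to do that check on a current Windows system with PowerShell 4.0 or later. The function name `Test-InstallerTrust`, the file path and the publisher name are hypothetical placeholders.

```powershell
# Added example. Test-InstallerTrust and every value passed to it are hypothetical.
function Test-InstallerTrust {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedPublisher,  # exact signer name you expect
        [string] $ExpectedSha256                              # vendor-published hash, if available
    )
    $problems = @()

    # 1. Authenticode: the signature must validate against a trusted root
    #    and cover the file contents exactly as downloaded.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        $problems += "Signature status is '$($sig.Status)', expected 'Valid'"
    }
    else {
        # A valid signature from a different publisher is still a masquerade.
        $signer = $sig.SignerCertificate.GetNameInfo('SimpleName', $false)
        if ($signer -ne $ExpectedPublisher) {
            $problems += "Signed by '$signer', expected '$ExpectedPublisher'"
        }
    }

    # 2. Hash published through a separate channel (string compare is case-insensitive).
    if ($ExpectedSha256) {
        $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256) {
            $problems += "SHA-256 is $actual, expected $ExpectedSha256"
        }
    }

    # 3. Report whether this session already holds Administrator rights.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    [pscustomobject]@{
        Path     = $Path
        Trusted  = ($problems.Count -eq 0)
        Elevated = $elevated
        Problems = $problems
    }
}

# Usage with placeholder values:
# Test-InstallerTrust -Path 'C:\Downloads\setup.exe' -ExpectedPublisher 'Example Software Ltd'
```

If `Trusted` is false, the installer should not be run at all; if `Elevated` is true during everyday use, the session is the privileged logon the post recommends avoiding.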
