There is a saying that everything old is new again. When it comes to security holes, this is most certainly the case. That’s because the latest and greatest anti-malware and security software just can’t defend against tried and true forms of hacker attacks. Unpatched application software means it is essentially unprotected, and thus a user’s computer is fully at risk.
Those are some of the warnings coming from InfoWorld’s security advisor columnist Roger A Grimes, who warns that, “Today, 99 percent of malicious risk comes to users through their Internet browser. Email threats are quickly being replaced by Web site malware, often coming from legitimate but infected sites. The malware scans the visiting user's system for unpatched application software, so it can initiate a ‘silent install’ or prompts the user to install some ‘needed’ component."
So why aren’t users doing more to stop these threats? Well, on the one level it is because – as we reported recently – users often times believe almost all prompts coming from the computer. If it says, “you must install this to continue,” many users assume it is necessary to do so!
But another part of the problem, a personal beef of mine, is that software upgrades are made to seem so urgent. I’ve long complained that software engineers think that the installs and patches are so important that you must stop everything you’re doing. When Live Updates is finished, or you do a Software Upgrade you’re often told, “You Must Restart The Computer.”
For me this is a “SIGH” moment, as in I sigh, probably say a few choice words, save what I’m doing and get on with completing the installation. Why this couldn’t wait until the end of the day or lunch I don’t know, but like many users I just go along with the flow.
This, in my opinion, has gotten users trained to accept that these installs, restarts and other software updates are necessary – regardless of what we’re doing – that we just rush through to get it over with. The problem is that we’ve stopped reading what we’re clicking, and this makes for a dangerous trend. Thus it has essentially left open new holes to old attacks. What good is building the Great Wall the Chinese found if a few barbarians could trick the gatekeepers. In our case we need to be better gatekeepers!