Failing to implement software patches on your computer is comparable to leaving windows and doors open at home.  Whatever is inside the home or computer may be stolen, destroyed, or ransomed.  But patching your computer isn’t enough either!

The Zen of Malware and UnPatched Software

The end result of a malware attack is that some malicious software runs continuously and indefinitely in a computer to steal anything of value such as credit card numbers, passwords, or insider information within a corporation.  Actually, that software was almost certainly installed by some other software.  The purpose of that ‘other’ software is to penetrate and install the malicious software that remains operational on a PC indefinitely.  That ‘other’ software is the virus, worm, or other malware that your anti-virus/spyware software strives to detect upon entry.  The virus, worm, or whatever might be within a document, media file, web page, communication, or something else.

Let’s look at a virus; the same will apply to a worm and other malware.  In the organic world of people, a virus can only harm a person that is susceptible to the virus.  Similarly, a cyber virus can only harm a computer with a software application or component that is susceptible to that virus.  That susceptibility is called a vulnerability, which is a programming mistake by its vendor.  Ideally, software patches fix programming mistakes such that one or more vulnerabilities to malware attacks are permanently eliminated.

A Perfectly Patched Computer is Safe from Virus, Worm, and other Zero-Day Malware Attacks

If all theoretically possible software patches were implemented on a computer, then there would be no need for anti-virus/spyware security software because there would be no programming mistakes left to be exploited.  This “theoretically possible” qualifier is absolutely unrealistic in this era.

Average Computer Has a Dozen Unpatched Pieces of Software

Our good friends from Secunia, a security intelligence firm, report that the average computer in North America has a dozen unpatched software vulnerabilities.  If your computer handles a maliciously crafted file or communication designed for one of those unpatched software components or applications, your computer would be compromised, as well as everything within it and to some extent everything it interacts with.

With Anti-Virus/Spyware Alone, Resistance is Futile

There are two major reasons why your anti-virus/spyware security software will offer you less than a 50% chance of protecting you from an attack.

First, anti-virus/spyware products rely mostly on signatures, which are like fingerprints or photographs.  Signature-based technology fails to stop UNKNOWN virus and worms.  Unknown malware is considered zero-day malware.  It takes weeks to months to discover and disseminate new signatures for new malware in the wild.  Attackers create them in minutes.  Do the math, protecting a PC from today’s malware attacks is like protecting your city from tanks and bombers with slings and arrows.

The second reason for their weakness is just as terrifying.  Anti-virus/spyware is useless for protecting a PC from attacks on software vulnerabilities known only to the attackers.

Protection from Attacks on Unpatched Software Vulnerabilities

Businesses, governments, and home computers can be used almost worry free.  Blue Ridge offers two software security solutions that employ what we call AppGuard Technology.  This prevents attackers from using programming mistakes in software to infest your computer with malware, even zero-day attacks.  Read this white paper on how AppGuard Technology protects computers from virus, worm, Trojan, and other zero-day malware attacks.

AppGuard protects home and enterprise computers.  AppGuard is available for a free 30 day trial, fully featured. EdgeGuard protects enterprise computers.  However, EdgeGuard is available as both a product and a managed service.  A Managed EdgeGuard pilot can be launched in less than a week.

Posted: Tuesday, June 30th, 2009 - Endpoint Security
RSS 2.0 - Comment - Trackback