HOME
TOPICS
ABOUT ME
MAIL

 
A typical new XP computer will be infected by viruses and spyware within 18 minutes after it is connected to the Internet, a respected security group says.
 technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

T e c h n o f i l e
Unpatched XP computer lasts only 18 minutes before falling victim to security flaws


This article is not running in The Post-Standard.
   
August 29, 2004

By Al Fasoldt
Copyright © 2004, Al Fasoldt

   Windows XP users may be dismayed to learn that a new, unpatched Windows XP computer isn't likely to last more than 20 minutes before it succumbs to infections over the Internet.
   The disturbing findings come from the Internet Storm Center, part of the highly respected SANS Institute on computer security. In a report issued without fanfare late last year and brought to light by recent security problems, the Internet Storm Center says a typical new Windows XP computer will be infected by viruses and spyware within 18 minutes after it is connected to the Internet.
   The report is unreassuringly titled "Windows XP: Surviving the First Day." You can get it as PDF document from www.sans.org/rr/papers/index.php?id=1298.
   The Storm Center's findings are based on tests done before Microsoft issued a series of software patches for Windows XP. The patches have been put together in a single update called Service Pack 2 (also called SP 2), and can be downloaded and installed automatically through the Windows Update program in the XP Start Menu.
   But installing SP 2 will not necessarily make a Windows XP computer safe. New security holes and dangers in patched XP computers have already been reported. I recommend holding off on installing the patch for a month or two so that Microsoft can try to fix the security holes in its latest patches. (I also recommend switching to a safer operating system if possible. See last week's column, available at http://technofileonline/texts/tec082204.html.)
   The Internet Storm Center is an independent group within SANS ("SysAdmin, Audit, Network, Security"), the Internet's security center. The Storm Center checks more than 3 million network intrusion logs a day and keeps a running history of Internet attacks and vulnerabilities.
   The Storm Center report isn't overly critical of Microsoft. It has a matter-of-fact approach to the extreme insecurity of Windows XP and tells how to set up XP to reduce the security holes.
   The tests that produced the 18-minute lifespan were based on low-speed Internet connections. When Windows XP computers are connected through broadband systems such as cable Internet or DSL lines, their survival time is much shorter, the Storm Center report says.
   Among the dangers are Internet-borne viruses and worms, which can slip into a Windows PC through attachments in e-mail and as commands executed by Internet Explorer, the trouble-prone Web browser distributed with Windows.
   Other dangers come from the epidemic of Windows spyware. The typical Windows PC is estimated to have 50 to 70 spyware infections, but reports of more than 900 spyware infections on a single Windows PC are not uncommon.
   Viruses, worms and spyware are primarily Windows problems. The two modern alternative operating systems, Linux and Macintosh OS X, are free from spyware and nearly free from viruses and worms.
   Microsoft has more information on Service Pack 2 at www.microsoft.com/windowsxp/sp2/default.mspx.