By Jonathan Yarden
Someone leaked a significant portion of the Microsoft Windows source code to the Internet in February. Microsoft operating systems and applications are already the primary targets for malicious code. Now that some of the Windows source code is "in the wild," I think it's simply a matter of time before we see exploitations of visible flaws found in the Windows source code.
It's considerably more difficult to find exploitable flaws in compiled code, yet people do so all the time. Having access to the source code makes the process all the easier.
Microsoft has found itself in the unfortunate position of getting a peer review by hackers, so it makes sense that antivirus companies will try to determine where the exploits are before they occur. I'll bet that all of the major antivirus companies are—in one way or another—looking at the leaked Windows code.
This is one more reason why it's an absolute necessity to install antivirus software on any PC using Windows—even if a firewall already protects it. And it highlights the need to keep both Windows operating systems and antivirus software updated—on a daily basis, if possible.
However, many users are surprised to learn that the majority of preinstalled antivirus software on PCs eventually ceases to update. After a period of time—sometimes only 30 days, sometimes longer—the computer system loses this protection from malicious code.
Rather than continue to harp on the central cause of insecurity, which is the lack of understanding and proper operation of computers, I'll simply suggest that people use free antivirus software. Did I say free antivirus software? Absolutely: I typically don't endorse products or services from specific companies, but Grisoft's AVG Free Edition is free for personal use.
In addition, if your preinstalled antivirus software is no longer updating, check out Trend Micro's free HouseCall service. It runs from a Web browser, and it's a quick way to check for problems before installing anything.
I regularly encounter problem Windows computers, primarily home computers on broadband networks. My procedures for dealing with a suspect Windows system are rather straightforward. First, I check to see if the PC has any installed antivirus software. If it's not updating, I uninstall it immediately and run the HouseCall service to clean up any current infections.
Then, I download Lavasoft's free Ad-aware Standard Edition to remove any spyware from the computer. After I've dealt with all of the current viruses and spyware, I go to Microsoft Windows Update (conveniently accessible from Internet Explorer by selecting Tools | Windows Update).
After securing and updating a computer, I typically spend a few minutes giving the user a detailed explanation of each step of the process so he or she can see that it isn't an overly complicated undertaking. I also recommend sharing this new-found knowledge with peers, and I suggest resources on the Internet for further education.
Now that the Windows source code is in the hands of more than Microsoft, Internet security has become every Internet user's responsibility. It's more important than ever to use antivirus software on any Windows PC—and to remain diligent in making sure your systems are secure and updated the next time an exploit surfaces.
Jonathan Yarden is the senior UNIX system administrator, network security manager, and senior software architect for a regional ISP.