backtop


Print 102 comment(s) - last by Iketh.. on Oct 18 at 2:50 AM


Unbeknowst to you, your computer could be a double agent, committing cybercrime as part of a internet-connected botnet. Over 2.2 million American PCs are part of some botnet, according to Microsoft.  (Source: Ubisoft)
U.S. leads the world in botnet virus infection rates

According to a new 240-page security report from Microsoft dubbed the Security Intelligence Report, America is among the most infected countries in the world when it comes to botnets.  The report uses information collected in the first half of 2010 via the Microsoft Malicious Software Removal Tool.

Over 2.2 million PCs in the U.S. are infected with a virus that makes them part of one of the internet's massive botnets.  The term "botnet" refers to a group of connected computers that can be used for ill purposes such as spamming, distributed denial of service (DDoS) attacks, and mass credit card fraud.

Brazil came in second place for most infected computers, with 550,000 botnet-infected PCs.  Per computer population, though South Korea had the highest rate (though its total number of infected machines is lower than that of the U.S. or Brazil).  In South Korea 14.6 out of 1,000 PCs are in a botnet, versus 5.2 computers out of 1,000 in the U.S.

Cliff Evans, head of security and identity at Microsoft UK, comments to 
BBC News, "Most people have this idea of a virus and how it used to announce itself.  Few people know about botnets."

Fewer people perhaps know about Microsoft's Malicious Software Removal Tool (MRT).  MRT has been is a free tool Microsoft includes with Windows XP, Windows Vista, and Windows 7.  First released in 2005, the tool is easy to run -- just go to "Start", type "run" in the search bar, and then type "mrt" (case insensitive) in the resulting popup.  The tool will then activate and be ready to scan your computer and remove many common types of malware.

Perhaps if everyone learns how to use the MRT, America can escape earning the dubious distinction of being the world's biggest botnet participant in 2011.  Given the general public's ignorance of security, that seems unlikely, though.

Despite the difficulty in getting the public to practice proper security, Microsoft is taking steps to try to win the war against botnet masters on its own.  The company recently seized control over 276 internet domains that were being used by botnet owners.  And it has beefed up the securityof its most recent operating system, Windows 7, making it harder to infect new PCs.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Nay
By gamerk2 on 10/14/2010 1:00:33 PM , Rating: 3
And...Mac's are much more vunerable to such attacks, due to not having modern security measures built into the OS.


RE: Nay
By sprockkets on 10/14/10, Rating: -1
RE: Nay
By kylebilenki on 10/14/2010 1:25:55 PM , Rating: 3
quote:
Not a Mac advocate, but apparently all the safeguards in Windows Vista and 7 couldn't stop this from remote code execution: http://www.microsoft.com/technet/security/bulletin... Oh, and btw, this is what hacked Google in China. Microsoft knew of the vulnerability months earlier but did not release the patch until Google went public with the attack. So much for Microsoft security. Nothing's changed.


Mac advocate or not, the bulletin you linked has nothing to do with the Windows Operating System. It's for Internet Explorer. Those are completely separate software entities and you can use one to infer that the other is insecure.

It would be like myself (or another poster) linking a known defect with Safari web browser and claiming that Mac OS X is insecure. That is simply not the case, Safari has a problem, not Mac OS X.


RE: Nay
By sprockkets on 10/14/10, Rating: 0
RE: Nay
By omnicronx on 10/14/2010 2:08:15 PM , Rating: 2
IE has not been truly built into windows explorer since IE6.

They are separate entities, although its a bit more complicated than that. I think there is a core package that must be installed whether you are using IE or not.

But its not like it used to be, built directly into Windows Explorer.

P.S Where did you see they withheld anything? MS releases security patches all the time(patch Tuesday for non critical, and a critical patch if required), why would this be a PR nightmare over other IE flaws that have been patched?


RE: Nay
By sprockkets on 10/14/2010 2:16:34 PM , Rating: 2
quote:
IE has not been truly built into windows explorer since IE6.


quote:
But its not like it used to be, built directly into Windows Explorer.


Where did I say it was? I said it has new safeguards ONLY available in Vista/Win7.

quote:
P.S Where did you see they withheld anything? MS releases security patches all the time(patch Tuesday for non critical, and a critical patch if required), why would this be a PR nightmare over other IE flaws that have been patched?


http://www.zdnet.com/blog/security/microsoft-knew-...

From the article:

quote:
The vulnerability used in the attacks (CVE-2010-0249) was privately reported to Microsoft last August by Meron Sellen, a white-hat hacker at BugSec, an Israeli security research company. Microsoft program manager Jerry Bryant said the company confirmed the severity of the flaw in September and planned to ship a fix in a cumulative IE update next month.


RE: Nay
By omnicronx on 10/14/2010 1:54:07 PM , Rating: 3
quote:
Oh, and btw, this is what hacked Google in China. Microsoft knew of the vulnerability months earlier but did not release the patch until Google went public with the attack.
It was an IE6 exploit on an unpatched machine.. which was being used in a production environment.

The fault lies 100%^100 on Google.

Anyone who knows anything about security knows that MS is more active than pretty much anyone. Security through obscurity is reality, and MS is targeted because of its large share. You are kidding yourself if you think other OS markers have a bigger focus on security than MS. If all the MS virus/malware creates started targeting OSX for example, they would have a field day. This is well known among the security community.


RE: Nay
By sprockkets on 10/14/2010 2:05:37 PM , Rating: 1
Bud, in case you can't read, the patch for this exploit was released AFTER Google went public.

You can't patch an exploit without, wait for it, the patch.

And the exploit affects IE 7 and 8 on XP-Win7.

Seriously, can you read? Do I need to post Microsoft's own bulletin again?


RE: Nay
By Luticus on 10/14/2010 3:11:58 PM , Rating: 2
yes the exploit affects ie 6-8 on winxp - win7 but that's only if you don't have DEP enabled (i think it was) and that's enabled by defualt on ie8. People with the newest browser would have been somewhat safe. Not trying to defend ms here but i think you're over-reacting a bit here. nobody's perfect and exploits will happen on the worlds most used platform.

besides you don't know why they took so long to patch it, perhpas it was just difficult to patch without breaking something else. they obvioulsy didn't want to announce the bug to the world if it remained unpatched for whatever reason.

I mean, it's not like it was hundreds of thousands of citizens machines that got hit, it was google (who should have known better than to use an outdated browser in the first place). I think people give ms much more crap then they deserve. linux distros are really nice, they are not a viable alternative to windows in the main stream. and besides, linux has had it's fair share of security issues which took a little while to get patched just the same, or does someone not remember the faulty key randomization issue they had a few years ago.


RE: Nay
By sprockkets on 10/14/2010 3:49:28 PM , Rating: 2
They list it critical for all OS versions except for Server 2003.

And I understand they have to test patches, but Sept went by, then Nov, then Dec, then Jan, then oh wait, I guess we should release the patch now.


RE: Nay
By Luticus on 10/14/2010 4:01:15 PM , Rating: 2
testing is one thing, but what i'm referring to is patch development. it's not as easy as "oh there's a problem, lets poop out a patch. patching can be tricky because usually patching one thing can break others. sometimes figureing out a way to fix a major feature without totally breaking things or crippling your software can be not only tricky and difficult but nearly impossable.

i write code from time to time and patching the hole in the wall applications i write can take me weeks and sometimes months to do. here you have microsoft, a company that writes apps with millions upon millions of lines of code devided in to dev teams that all work different parts of the software and it's a major app that HAS to work in all aspects on TONS of different hardware platforms with many different software configurations. I'm amazed they get most of the patches out in the time frames they do to be perfictally honest!

MS might not be perfect but be reasonable, i think they deserve a little more slack than they get.


RE: Nay
By sprockkets on 10/14/2010 4:28:47 PM , Rating: 2
Well, it doesn't take 5 months to do that.

And they said it would be released in Sept.

It was a critical vulnerability which caused real harm. They should have released that ASAP, not, "oh let's wait till patch Tue in February."

Remember, they released the patch a few days after Google went public. It was ready to go.

Heck, I turn off automatic updates because I HATE when they decide, "Oh, this update is critical, I'm going to reboot your computer for you while you are not looking."


RE: Nay
By mindless1 on 10/15/2010 3:35:17 AM , Rating: 2
BUT, the fact remains that those who are targeted most have to make more of an effort to claim the same security level, and MS makes billions half-assing it while the rest do it for free and ultimately ARE more secure by the very reason mentioned.

The fault does not rely on Google. WTF is wrong with you? MS releases crap and you think people need to upgrade? WHAT THE HELL IS WRONG WITH YOU? Nobody should ever upgrade browser versions, there should never be gaping security holes in ANY version. IF a company that rich and lazy can't debug and patch a version, the last thing you should do is buy into (USE) their next, supposedly "fixed" version.

To say it is googles fault is ludicrous, the very last thing they should ever do if the software is insecure is use more software from the same company that refused to secure it!!!!!!!!!!!!!!!!!!!!

Think hard about that, oddly you seem to have a double standard about software that wouldn't apply to any other product mankind has ever known.


"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki