Expect desktops to become more of a target than servers for hackers as historically trusted formats like jpg files...
become vehicles for identity theft and a greater focus of organized crime.
Of the 53 security bulletins released by Microsoft in 2005, 29 of them were for client-side vulnerabilities. Of the 29 client-side bulletins, seven of those were fixed through Internet Explorer patches. Operating system patches, Windows Media Player patches or patches for Microsoft Office fixed the other 22 issues.
Security experts say the reason for targeting desktops now is because of improved security on servers, which makes it more difficult for hackers to "push" an exploit down on a system or to invade a network. Instead, exploits now wait to be "pulled in" by unwary users visiting the wrong site or clicking a contaminated e-mail.
"It used to be a dumb terminal and a smart inner core. There wasn't anything interesting at all in the end point," said Tim Keanini, chief technology officer with nCircle Network Security Inc., a San Francisco network security company.
Now it is easier for someone with malicious intent to have the victim pull in a virus, worm or other exploit, Keanini said, noting that if you look at what is selling on the black market now, "it is identity theft. And it is easier to get that from a PC."
Back to the classroom
Windows administrators may need to work harder to educate users about what currrently may pose a threat.
"For client-side issues, in almost all cases, the attacker would need to persuade a user to visit a malicious Web page or open a malicious file in order for the exploit to occur," observed Eric Schultze, chief security architect at Shavlik Technologies, in Roseville, Minn.
In each of the patch cases, user interaction is required in order for the client machine to be infected, Schultze said. So, educating the end user seems like the obvious answer to preventing damage or a security breech.
But Windows managers know that this is easier said than done. "It's a nightmare," said Keanini. "End users are trusting. When someone sends something that looks like it is from an associate, they open it."
Neel Mehta, the lead researcher with Internet Security System Inc.'s X-Force team in Atlanta, said putting the word out to end users is even more difficult lately because historically trusted formats have now become targets.
Last month, one Microsoft patch addressed a flaw in DirectShow, a program used to display video files. Jpg files and other complicated picture formats are now common vehicles for abuse, but end users still have confidence in them, said Mehta.
"It is very challenging for the Windows admin to educate all users about the dangers of using these formats, "Mehta said. "For an exploit to occur, it can be as simple as the end user visiting the wrong site."
This article originally appeared on SearchWin2000.com.