Security Watch

Study: Enterprises Fail To Mitigate Risks

Alert Mr. Obvious! The Internet exposes enterprise computing to major threats. Plus: What Microsoft plans to do about server, Web threats.

The Internet is increasingly the epicenter ever-growing front for defense against hackers, nasty bugs and malware.

A study released early Tuesday from security firms Qualys, TippingPoint and the Internet Storm Center at the SANS Institute points to the Web as the common denominator for two of the most pervasive risks to enterprise computing. What are the two risks? They would be client side bugs from attachments sent over e-mail and vulnerable Web Sites, that can include trusted Internet destinations with malicious code or dubious phishing and bait-and-switch Web pages that exists as literal Webs to entangle unsuspecting users.

The report got its data from the appliances, workstations and server hardware of responding businesses in the period covering March to August 2009 to provide, in the words of the three organizations, "a reliable portrait of the attacks being launched and the vulnerabilities they exploit."

Microsoft's Server, Web Component Threats
Still not convinced about the Internet security focal point? Microsoft is. Over the last two weeks the company issued two security advisories, both dealing with server tools. These off-cycle advisories come at a time when Microsoft programs are besieged by Web-component related issues.
 
Like all five of last Tuesday's patches, as well as other yet-to-be fixed bugs in the company's File Transfer Protocol and Server Message Block file sharing protocol, several of the most current and pressing bugs involve Web components.

Web components are a bit more complicated than application-level bugs in that they can involve everything from smash and grab firewall breaches to a random e-mail with a malicious .PDF that allows the hacker to take over a company server with remote code execution or trigger a denial of service bug in an if-I-can't-have-it-no-one-can incursion.

The FTP issue affects Microsoft's Internet Information Services. IIS is among the world's most frequently used Web server applications, second only to the Apache HTTP server. And the SMB issue deals with how Internet traffic is conducted, parsed and ultimately harnessed for transmission via Internet Explorer on workstations.

If that isn't enough critics are up in arms about an issue with Windows' implementation of the Transmission Control Protocol/Internet Protocol (TCP/IP), which is the Web's default suite of connection protocols. Apparently, all three bugs are supposed to be mitigated by this patch for Vista and Windows Server 2008 systems, but not XP, an older operating system that's still more widely used than both of the newer OSes.

According to transcripts from an informational Webcast that followed the patch release, an update for Windows XP will not be made available for these bugs:

"By default, Windows XP Service doesn't have a listening service configured in the client firewall and are therefore not affected by this vulnerability," explained Microsoft moderators Adrian Stone and Jerry Bryant, who added that a strong firewall could do the trick for XP users.

Not for nothing, but it seems that if strong firewalls could do the trick, there would be no need for this blog post nor the threats detailed herein. If you're using an Internet connection in an enterprise environment -- and you are if you're reading this online -- stay tuned.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Clarifies Project Cortex's Scope, IT Controls and Product Delivery in Q&A

    Microsoft recently offered a Q&A session on Project Cortex, its emerging "knowledge network" solution for Microsoft 365 users.

  • How To Use .CSV Files with PowerShell, Part 2

    In the second part of this series, Brien shows how to import a .CSV file into a PowerShell array, including two methods for zooming in on just the specific data you need and filtering out the rest.

  • Windows 10 Preview Adds Ability To Display Linux Distro Files

    Microsoft on Wednesday announced Windows 10 preview build 19603, which adds easier access to installed Linux distro files using Windows File Explorer.

  • Microsoft 365 Business To Get Azure Active Directory Premium P1 Perks

    Subscribers to Microsoft 365 Business (which is being renamed this month to "Microsoft 365 Business Premium") will be getting Azure Active Directory Premium P1 licensing at no additional cost.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.