In this newsletter, I often write about Microsoft's release of security patches for the Windows OS. Many of the patches fix OS or embedded-application bugs that have the potential to let attackers plant viruses or remotely execute malicious code. These attacks take advantage of new or known vulnerabilities. Microsoft is usually pretty quick to release fixes for newly discovered problems.
Antivirus software vendors are also quick to issue software updates to equip their products to catch the latest viruses and, in many cases, new derivatives of old viruses. Good antivirus products can recognize new virus permutations without being specifically updated to the latest identification files.
You might be saying, "I know all this. What's his point?" Well, this UPDATE has thousands of readers, and I'm asking all of you to remind your friends and relatives how important it is to update system patches and antivirus software. People who use computers but don't live in the IT trenches often forget to upgrade their virus protection until after they've been attacked.
Recently, a friend prompted me to do some quick research when he sent me an email that mentioned that his home firewall virus trap had caught more than 150 viruses in the past month. I checked my own virus redirection folders and found that my personal email accounts had been sent more than 170 infected email messages in the past month (the email addresses published for me in the Windows & .NET Magazine UPDATES, newsletters, and print magazine use a server-based antivirus program, so I never see infected messages someone sends to me at those addresses).
When I investigated further by calling IT managers and a few home users, I found that even small IT businesses see hundreds of infected messages a month. Even users who have only one email address are getting from 10 to 15 infected messages monthly.
What's really irksome is that the vast majority of the viruses the users in my impromptu poll were seeing were variants of the Klez virus (data that's confirmed by the Virus Bulletin. This is especially annoying because Microsoft fixed the code vulnerability that enables the Klez virus to propagate through Microsoft Outlook more than a year ago! The fix for the Klex vulnerability is described in Microsoft Security Bulletin MS01-027 (Flaws in Web Server Certificate Validation Could Enable Spoofing).
So, do every computer user a favor and spread the word to your less technically astute friends and family members: Keep your Windows computers and your antivirus applications updated.
In last week's UPDATE, I discussed the security rollup patch for the Windows Media Player (WMP) family of applications. In response, I received email from angry readers who pointed me to the End User License Agreement (EULA) that came with the WMP rollup patch. An overly cautious reading of the EULA can give you the impression that installing the rollup grants a license to Microsoft to freely access your computer and install or delete any software the company chooses.
Because of the angry tone of many of the emails and calls to jump on the "Microsoft is evil incarnate" bandwagon, I telephoned Microsoft, asked what the situation was, and requested an official response. I've worked with Microsoft for many years, and the folks there seemed genuinely surprised by the response the EULA was generating—so much so that Microsoft decided to rewrite the EULA to more clearly delineate what the user was agreeing to. The EULA for the rollup patch applies only to content that Digital Rights Management (DRM) technology protects. It doesn't grant Microsoft an unrestricted license to access and delete or add content to your computer, nor does it operate the DRM solutions silently; in every case, the end user has the right to accept or deny software that might be added or changed on the system. The changes are made so that any supported DRM scheme can update its DRM solution. For Microsoft's response to my questions, see the Web site. You can find additional information describing these Microsoft DRM features on pages 21 and 22 of the "Managing Automatic Updating and Download Technologies in Windows XP" white paper available for download.