PCs are actually safer today than they were four years ago, when the first batch of mass mailing viruses -- such as LoveBug and Melissa were introduced.
The Sasser worm is spreading quickly, automatically infecting Windows systems that are not protected by Microsoft's latest patches. Similar to the Blaster worm that hit last August, Sasser uses a known defect in Windows that allows it to scan for other vulnerable machines without any intervention from the user.
Antivirus firm Panda said that companies are running for cover as all four of Sasser's variants charge up the company's "top ten" most detected viruses chart. According to Panda, Sasser has infected a third of the Taiwan postal service's computers, and the UK Coastguard has reported that its network is under attack from the worm.
Antivirus firm Sophos' senior technical consultant Graham Cluley said new laws have also helped, which means it's harder for the bad guys to get away:
"More countries have introduced computer crime laws," said Cluley, who pointed out that the author of the LoveBug virus, a student from the Philippines, was never prosecuted: "He got away scot free because the crime laws in the Philippines were not strong enough."
Ben Nagy, senior security engineer at eEye, the company responsible for discovering the Windows vulnerability exploited by the Sasser worm, agrees that virus and worm writers are much cleverer than they were four years ago: "Four years ago, your average hacker may have been able to exploit a simple stack-based buffer overflow, but now we are seeing exploits that require a deep understanding of the Windows architecture," he said.
And although virus writers have improved their skills over the past four years, so has the security industry. This means users are actually much safer -- as long as they keep their security software updated. Nagy said the main problems are caused by a lack of patching, not because attackers getting smarter.
"People need to understand that although these exploits are hitting known vulnerabilities, they are not being patched in time because users are not yet accustomed to thinking in that way -- they always want to put it off till tomorrow," said Nagy.
Sophos' Cluley said that although Sasser does not require user intervention to spread, the vast majority of viruses spread because users continue to click on attachments.
"Four years ago, LoveBug didn't rely on any Microsoft vulnerabilities, it relied on the bug in people's brains -- and I don't think we have upgraded enough people's brains yet. If an attachment's name is attractive enough, a large percentage of people will still click on it and get infected," he said.
Talkback
This article consistantly confuses The Lovsan worm with the I LOVE YOU one. Lovsan is another name for MSBLASTER
Adam, thanks for pointing that out - the article has been corrected.
Sorry this will be a bit long-winded guys, I just want to get my point across, thanks for being patient with me.
I totally agree that users brains have got to be upgraded. I've been using a computer in one form or another for about 30 years and I have my own antivirus software. I run two, a free one and Norton 2002 and always run updates. Also I run 98SE so I don't get hit so often. Also my ISP runs it's own antivirus software and is 99.99% effective.
I'll give you an example about users brains ... on Sunday my hubby was at a friend's house when he got a txt message. It was from a neighbour wanting to know if I could LEND her daughter my antivirus disc ... a big no-no with me. I install software & build machines I do not lend software out. I offered to go round with a copy of AVG for her but was turned down ... the set-up programme is on a CD which will never get collected now because they went out & bought their own disc on Tuesday ... nice of them to let me know. I think users should also have their brains upgraded with a set of decent manners as well, don't you?
Anne
If we upgraded "users' " brains we'd be a whole lot better off.
Just as we don't rely on people just not speeding or driving with alcohol, we shouldn't be relying on users being smart with their computers.
I have users here who have studied law for 10 years yet come to me to get their Windows bar realigned when it "completely out of itself" moved to the top of their screen.
The entire world would be a much much better place if everybody could rely on each other to do the sensible things (we probably wouldn't even need laws).
This is not news, this is a well-known frustration of every sysadmin.
Besides, on the problem of (not) patching: I've patched our Windows servers dozens of times, but each and every time I do it, Microsoft turns out to have a few little undocumented suprises up it's sleeve, twice (I know of) even resulting in our entire industry not being able to do our jobs correctly for weeks, and always resulting in some functionality changed or abolished.
So our Operating Systems need to be secure and reliable, but so do our patches, Bill.