Case Project Information Security
admin / January 20, 2019
While computer viruses are not as formidable as they were in the past decade, mostly as a result of strong antivirus software, they still pose a significant threat to users. In the recent past, a number of viruses have posed a significant threat to computer users all over the world.
Sites such as the McAfee threat center, which is dedicated to describing the virus threats that may attack users, provide an elaborate list of computer threats. Some of these threats include the W32 virus and the Generic.dx!rwj Trojan.
The W32/Trebot virus is an especially troublesome virus that includes a server editing component. With this component, the virus visits predetermined internet addresses for commands, which are then executed on the victim’s machine. The damage that this virus does to an individual’s computer includes slowing down the machine by downloading and executing other files, which use up the system’s memory resources.
An even bigger risk that the virus poses is that it uses the host machine to perpetrate denial of service attacks over the internet. While Windows ME and XP are especially vulnerable to this virus, it also affects Mac OS.
Generic.dx!rwj is a Trojan: a program that purports to be executing some beneficial task but is in fact malicious. The Generic.dx!rwj Trojan in particular compromises a user’s system and then seeks out messaging applications that may be installed. From these applications, the Trojan extracts contact information and sends it out to the Trojan’s creators.
The particular damage that this Trojan presents is that it compromises the privacy of a computer user by stealing personal information. This information may then be sold to spammers or marketers who will use it for sending spam mail to the user. This Trojan primarily affects the Windows platform as it compromises the registry keys by including itself as an authorized program.
Cell Phone Attacks
Over the years, the usage of cell phones has expanded to cover more than just voice communication. With this expansion in functionality, the vulnerability of cell phones has also increased, leading to a need for protection from attacks. The most basic protection service offered on mobile phones is the PIN code, which makes access to a device hard without authentication.
In Japan, where mobile phones are utilized in financial transactions, sophisticated security features such as facial recognition are used to safeguard a user’s account. To address the issue of virus infection, which mostly occurs as a result of downloads and file transfers, there exists mobile antivirus software which protects the phone from virus attacks by preventing infections.
The Symbian OS for example provides antivirus software that users with phones running on this platform can download and use to protect against viruses and malware.
The currently implemented protections are not adequate as mobile software is not as mature as PC software. There is also a lack of consciousness by users as to the risks they are exposed to. User awareness of the dangers that most modern phones are exposed to should be increased. In my opinion, both the cell phone providers and the user should be responsible for blocking attacks.
The provider should ensure that the phone is fitted with antivirus software and utilities such as password protection to prevent attacks. The user on the other hand should be responsible for regularly updating the phone’s antivirus software as well as undertaking best practices such as selective synchronization of files to avoid transferring of infected files from a PC.
Operating System Patches
In the month of February, Microsoft issued patches that were meant to address security and non-security issues in the various Windows OS Platforms.
These February patches were meant to address 26 vulnerabilities that had been discovered in Windows. Some of the vulnerabilities that were addressed by the patches included: risk of denial of service attacks, elevation of privileges by restricted account holders and remote code execution.
The elevation of privileges threat could be carried out either locally or remotely by users with valid credentials. Some of the remote code execution issues could affect the PowerPoint application in the MS Office Suite.
The severity of the problems that the patches addressed varied. Some of the vulnerabilities were marked as “critical” in severity, meaning that their presence presented a big risk to the operating system. These critical problems were the Remote Code Execution vulnerabilities.
The Denial of Service and Elevation of Privileges vulnerabilities were marked as “important” in severity, meaning that while they did not present as big a risk as the critical vulnerabilities, their presence was still undesirable. Once the patches were installed, there were no known problems that occurred either to the operating system or to the MS Office application to which the patches were applied.