Focus On: Vulnerabilities

A security hacker is unleashing an exploit every day this month. HD Moore claims he's doing it to highlight the fecklessness of browser security, but admits that he also wants to draw attention to his new blog. While both might be noble goals, IT managers scrambling to protect end-points left vulnerable by Moore's publicity initiative may be forgiven if they aren't impressed.

Antivirus builders protected Windows for years, allowing Microsoft to divert its development money to feature-bloat, in lieu of security. In fact, Microsoft's security bench was so empty that, once the decision was made to take over the security business, Redmond was forced to buy outside companies. Email Battles addresses a/v makers' mistakes and Microsoft's new attack strategy, and asks the really tough questions to boot, like, "What's with the name?"

Symantec started 2006 with its hand caught in the cookie jar, admitting to embedding rootkit-like functionality in Norton SystemWorks. Since then, Symantec LiveUpdate for Macintosh, Symantec Scan Engine and Symantec Gateway Security have all served up steaming plates of embarrassment. And now, Symantec Antivirus and Symantec Client Security allow remote exploits. With Wintel closing in on its a/v franchise and its stock already in the tank, the timing couldn't be worse.

The speed of Microsoft's release of the WMF Exploit patch proved that when prodded enough, elephants really can fly. Though their computers were configured to download but not install Windows Update patches, some admins claim that their systems automatically updated and rebooted anyway. Email Battles asks, "Is overriding an admin without permission a good idea?"

Email Battles lists thirty ports most likely to be exploited as unwitting open proxies by phishers, spammers, pay-per-click scammers, illicit file sharers, porn junkies, cheapskates, and industrial spies then tells you what to do about them... Especially the top five.