Personal security usually starts with your device. The more insecure devices are out there, the better the mechanism behind data breaches and malware infections works. So, if you want to be safe and sound, start with your device.
Device Security and Operating Systems
Microsoft’s operating system has quite the user market share. Maybe that’s one of the reasons Windows is targeted by cyberattacks so often. Or maybe the high number of successful attacks on Windows is due to running an outdated version of the OS?
To answer these or other questions or just for the sake of the analysis, Duo Security examined more than two million devices, more than half of which were running on some version of Windows.
Researchers then discovered that 65 percent of the Windows devices were running on Windows 7, which is susceptible to more than 600 security vulnerabilities.
This is not the worst part. Tens of thousands of machines are still using Windows XP, which was released in 2001. This fact alone means multiple attack scenarios are made available by hundreds of vulnerabilities, many of them critical.
There are many reasons why a company would prefer an older OS over a newly released one
The most obvious reason is the cost and time needed to update each computer and piece of software in an organization. In some cases, the software the company is running may not be compatible with later operating systems and environments, as explained by Ajay Arora, CEO of Vera.
The expert also believes that if companies continue to choose Windows 7 over later Windows versions, they need to consider security software that covers the missing features, such as default disk encryption. “It comes down to, spending the money to address the underlying issue of using an operating system with weaker security, spending money to update the operating systems, or spending the money to secure the thing you are trying to protect in the first place; the data itself,” Arora says.
The biggest problem nonetheless is the continuous disclosure of new vulnerabilities. Just recently, Google’s Threat Analysis Group disclosed a set of zero-day flaws in Adobe Flash and the Microsoft Windows kernel. This set of flaws has already been exploited in the wild against the Chrome browser.
Adobe was able to quickly update Flash against CVE-2016-7855.
Unfortunately, the Windows kernel bug is still unpatched. In a post from October 31st, Neel Mehta and Billy Leonard from the Threat Analysis Group say that:
After 7 days, per our published policy for actively exploited critical vulnerabilities, we are today disclosing the existence of a remaining critical vulnerability in Windows for which no advisory or fix has yet been released. This vulnerability is particularly serious because we know it is being actively exploited.
The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.
What Are Some Good Security Tips?
Duo Security researchers advise the following, and we agree:
- Use modern browser platforms that are more secure or go for browsers that are updated more frequently and automatically;
- Never underestimate the power of security updates and emergency patches;
- Consider using device encryption, passwords and fingerprint ID;
- Consider using a two-factor authentication solution to protect systems and data;
- Disable Java and prevent Flash from running automatically on corporate devices;
- This practice should also extend to user-owned devices through endpoint access policies and controls.