[ubuntu-my] Gempar dari Awal Mart!!

zarul shahrin zarulshahrin at gmail.com
Thu Jun 25 09:15:52 BST 2009


> Yes and no. The thing about Windows is that it can be infected without
> you even touching a single web page. Just connect to the Internet
> without a firewall, and leave it connected for some minutes without
> doing anything. The sasser worm hit me that way once.


  Sasser spread by exploiting unpatched system that is vulnerable to LSASS
security hole. If you study the case, most of the infected machines were not
patched even though the patch was being avaiable weeks earlier.  Nobody can
save you if you're not willing to patch your machine. Just like in the case
of conficker, the most vulnerable users were users who didn't patch their
system. The hits were worst in certain countries where many of the users
were using pirated version of windows thus were not able to get the windows
update working. Talking about "being remotely exploited" compare to Linux
OS, I guess windows has far lesser remotely exploitable vulnerabilities.
Please google for the statistics, if you have been into linux long enough,
you should know how pretty much every webserver running apache running
openssl were being rooted couple of years back and many machine machines
were still vulnerable even after 1 year.



Then there are
> some which can infect you via some vulnerabilities in Internet Explorer.


  Weird, because we are seeing malware exploiting web browsers like Firefox
and Safari all the time in the lab :-P

>
> Such vulnerabilities are generally not present in *nix OSes.
>

  This is a common argument for people who don't work in the security
industry..


>
> --
> Regards,
> Chow Loong Jin
>
>
>
> --
> Ubuntu-my mailing list
> Ubuntu-my at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-my
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-my/attachments/20090625/8fb82030/attachment.htm 


More information about the Ubuntu-my mailing list