Fix these vulnerabilities or face the risk of your machine being taken over remotely by unauthorized hackers.
Individuals and businesses face identity theft and industrial espionage, or having their machines become conduits for thousands of junk messages, if they don’t address security issues on a timely basis.
The SANS Institute has updated its top 20 list of Most Critical Internet Vulnerabilities for the second quarter. According to a press release, these vulnerabilities pose the greatest threat to computer security.
422 new vulnerabilities were discovered in the second quarter, compared to 381 in the previous quarter. Several were for the Windows operating system. But other software, like backup products and media players, proved vulnerable to attacks as they were found to have flaws requiring a patch.
Flaws in backup products from Computer Associates and Veritas proved very worrisome to the research team compiling the list. Backup software runs with high privileges on systems, and tends to be widely deployed in enterprises. Exploiting that software gives an attacker access to all the data held by a business.
Another researcher noted that the default presence of a firewall in Windows XP SP 2 has forced attackers to find other methods of getting into systems. New attacks now try to exploit products where the user actively retrieves something; browsers like Internet Explorer and Firefox, and iTunes and RealPlayer have had issues requiring updates.
Even the Mac operating system required a security update during the quarter, as exploit code for a security vulnerability was made publicly available. All of the entries in the SANS top 20 list have patches, and users and businesses should review the list and perform updates as needed.
David Utter is a staff writer for murdok covering technology and business. Email him here.
