Friday, July 17, 2009

Understanding Patches

Cyber Security Tip ST04-006

When vendors become aware of vulnerabilities in their products, they often
issue patches to fix the problem. Make sure to apply relevant patches to
your computer as soon as possible so that your system is protected.

What are patches?

Similar to the way fabric patches are used to repair holes in clothing,
software patches repair holes in software programs. Patches are updates that
fix a particular problem or vulnerability within a program. Sometimes,
instead of just releasing a patch, vendors will release an upgraded version
of their software, although they may refer to the upgrade as a patch.

How do you find out what patches you need to install?

When patches are available, vendors usually put them on their websites for
users to download. It is important to install a patch as soon as possible to
protect your computer from attackers who would take advantage of the
vulnerability. Attackers may target vulnerabilities for months or even years
after patches are available. Some software will automatically check for
updates, and many vendors offer users the option to receive automatic
notification of updates through a mailing list. If these automatic options
are available, we recommend that you take advantage of them. If they are not
available, check your vendors' websites periodically for updates.

Make sure that you only download software or patches from websites that you
trust. Do not trust a link in an email message—attackers have used email
messages to direct users to malicious websites where users install viruses
disguised as patches. Also, beware of email messages that claim that they
have attached the patch to the message—these attachments are often viruses
(see Using Caution with Email Attachments for more information).
______________________________
___________________________________

Both the National Cyber Security Alliance and US-CERT have identified this
topic as one of the top tips for home users.
_________________________________________________________________

Author: Mindi McDowell
_________________________________________________________________

Produced 2004 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.

Originally Published at: http//www.us-cert.gov/cas/tips/ST04-006.html

Wednesday, July 1, 2009

Understanding Anti-Virus Software

Cyber Security Tip ST04-005


Anti-virus software can identify and block many viruses before they can
infect your computer. Once you install anti-virus software, it is important
to keep it up to date.

What does anti-virus software do?

Although details may vary between packages, anti-virus software scans files
or your computer's memory for certain patterns that may indicate an
infection. The patterns it looks for are based on the signatures, or
definitions, of known viruses. Virus authors are continually releasing new
and updated viruses, so it is important that you have the latest definitions
installed on your computer.

Once you have installed an anti-virus package, you should scan your entire
computer periodically.
* Automatic scans - Depending what software you choose, you may be able to
configure it to automatically scan specific files or directories and
prompt you at set intervals to perform complete scans.
* Manual scans - It is also a good idea to manually scan files you receive
from an outside source before opening them. This includes

* saving and scanning email attachments or web downloads rather than
selecting the option to open them directly from the source
* scanning media, including CDs and DVDs, for viruses before opening any
of the files

What happens if the software finds a virus?

Each package has its own method of response when it locates a virus, and the
response may differ according to whether the software locates the virus
during an automatic or a manual scan. Sometimes the software will produce a
dialog box alerting you that it has found a virus and asking whether you
want it to "clean" the file (to remove the virus). In other cases, the
software may attempt to remove the virus without asking you first. When you
select an anti-virus package, familiarize yourself with its features so you
know what to expect.

Which software should you use?

There are many vendors who produce anti-virus software, and deciding which
one to choose can be confusing. All anti-virus software performs the same
function, so your decision may be driven by recommendations, particular
features, availability, or price.

Installing any anti-virus software, regardless of which package you choose,
increases your level of protection. Be careful, though, of email messages
claiming to include anti-virus software. These messages, supposedly from
your ISP's technical support department, contain an attachment that claims
to be anti-virus software. However, the attachment itself is in fact a
virus, so you could become infected by opening it (see Using Caution with
Email Attachments
for more information).

How do you get the current virus information?

This process may differ depending what product you choose, so find out what
your anti-virus software requires. Many anti-virus packages include an
option to automatically receive updated virus definitions. Because new
information is added frequently, it is a good idea to take advantage of this
option. Resist believing email chain letters that claim that a well-known
anti-virus vendor has recently detected the "worst virus in history" that
will destroy your computer's hard drive. These emails are usually hoaxes
(see Identifying Hoaxes and Urban Legends for more information). You can
confirm virus information through your anti-virus vendor or through
resources offered by other anti-virus vendors.

While installing anti-virus software is one of the easiest and most
effective ways to protect your computer, it has its limitations. Because it
relies on signatures, anti-virus software can only detect viruses that have
signatures installed on your computer, so it is important to keep these
signatures up to date. You will still be susceptible to viruses that
circulate before the anti-virus vendors add their signatures, so continue to
take other safety precautions as well.
______________________________
___________________________________

Both the National Cyber Security Alliance and US-CERT have identified this
topic as one of the top tips for home users.
_________________________________________________________________

Authors: Mindi McDowell, Allen Householder
_________________________________________________________________

Produced 2004 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed to
increase awareness.

Terms of use

http//www.us-cert.gov/legal.html

This document can also be found at

http//www.us-cert.gov/cas/tips/ST04-005.html