Monday, 3 March 2014
This common advice is given in many articles about PC security, but rarely (if ever) do we see any claims as to how much protection we should expect.
We, at Dennis Technology Labs, wanted to find out how well Windows Updates adds to the protection provided by anti-malware software.
The testers in the lab ran a series of anti-malware tests using live, exploit-based web threats. They visited the malicious websites using systems that were running with no Windows Updates applied, with full updates applied and with a variety of popular anti-malware programs.
The end result (PDF) indicates that using Windows Updates protected against around one third of the 100 threats that we used.
Anti-malware software protected against from around two thirds to nearly one hundred per cent of the same threats.
We released this information at the RSA Conference USA 2014 last week and the response was interesting. Some analysts were surprised at how low the 32 per cent figure for 'Windows Updates only' was.
Others expected the protection level to be lower.
Ultimately we found that the best anti-malware products had most of the threats covered from the start, with and without updating Windows, while a couple of products (AVG and MSE) benefited significantly when the latest Windows updates were applied.
Feel free to download the full report and read PCMag.com's coverage from Neil Rubenking.
Friday, 14 February 2014
However, it makes sense to initiate the attack with a QR code because that's one way mobile device users visit websites. QR codes are also very visual and so help make demonstration videos more dramatic.
The really important point to take away from this attack is that users do not have to allow any new (malicious) application to run. This is not a social engineering attack in which the user is tricked into installing a malicious application.
They simply need to visit a website (QR code-initiated or not) and the attacker is able to run commands on their device.
It is possible that there are earlier demonstrations of Android-based automatic (aka 'drive-by') attacks, but I've not seen any until now.