
Two free programs help prevent drive-by downloads

With Web-hosting companies now in the cross-hairs of malware distributors, you need to take extra precautions to avoid infection simply by visiting a compromised site.

Dennis O'Reilly Former CNET contributor
Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.
As Elinor Mills reported in her blog, malicious code was added to a widget on the growsmartbusiness.com site of Web-hosting firm Network Solutions. The widget was also placed on sites "under construction" that Network Solutions hosts.

The widget has been removed, but Wayne Huang, co-founder and chief technology officer at security firm Armorize, claims in an August 14 blog post that more than a half million of these parked domains are infected. Network Solutions says this figure is "inaccurate" but hasn't yet estimated the impact of the infection.

Regardless of the final tally of infected sites, malware is increasingly being spread to people who simply open an infected page in their browser. Fortunately, there are simple ways to reduce the risk of infection when you surf the Web.

Keeping your software current is de rigueur
Perhaps the best defense is to use an up-to-date browser. The latest versions of Internet Explorer, Firefox, Google Chrome, Opera, and Safari provide plenty of built-in security features, including the ability to warn you automatically whenever an executable program attempts to download and run. In a post from last November, I compared the security approaches of these five browsers.

Firefox users benefit from the many free security add-ons for that browser. I described five Firefox privacy add-ons in a post from last month. And just last week I reviewed Zscaler's Search Engine Security extension for Firefox that helps prevent Google, Yahoo, and Bing from serving up malicious links in their search results.

In addition to a secure browser, you must also make sure you keep your firewall and antivirus software updated and active. Microsoft recently released the beta of a new version of its free Security Essentials program. One of the new features in the update is tighter integration with both Internet Explorer and Windows' built-in firewall.

It (almost) goes without saying that you must also keep Windows itself up-to-date. Because some Windows updates can cause their own problems, I choose the option to download but notify me before installing the updates. That way I can wait a day or two after the updates are released to monitor the Web for reports of update-related woes.

This post from July 2008 explains how to reset Windows Update to wait before applying patches, and another post from a few months later describes how to check your Windows Update history.

Still, there are some critical updates that warrant application as soon as they're available, although you can't always take Microsoft's word for which of its updates are indeed "critical." Once again, keep an eye on CNET and other tech-news sites for information about these must-have Windows patches--especially around the second and fourth Tuesdays of each month.

Two free programs stop Web malware in its tracks
Even with the most recent, fully patched and updated versions of your browser and security software, malware can still wheedle its way onto your PC. For an added level of protection while surfing, download and install a program that locks out all attempts to alter your system. The free Sandboxie and DropMyRights utilities take different approaches to PC lockdowns, but both are effective.

After you download and install Sandboxie, the program's control window displays the applications that will run in its controlled environment. Any system changes attempted while Sandboxie is activated are erased when you close the program and restart the PC.

[Image: Sandboxie Control dialog box] The free Sandboxie utility lets you browse and otherwise use your PC without allowing any changes to your system's configuration. (Credit: Sandboxie)

The concept behind DropMyRights is simple: programs require administrator rights to install, so if you run your browser with a standard user account, there's no way for a malicious program to gain a toehold on your system. Because many everyday PC activities require an administrator account--such as applying software updates and running defraggers and other system utilities--running as a standard user full-time can be daunting.

DropMyRights addresses this problem by allowing you to run specific programs with only standard-account privileges. To do so, you create a shortcut to launch the program with limited rights. When you want to run the application with full administrator rights, just launch it the usual way.
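The shortcut described above can also be created from a script. This PowerShell sketch is an added example, not part of the original article or of DropMyRights itself. Both file paths and the function name New-LimitedRightsShortcut are assumptions to adjust for your machine; the N, C and U arguments are the privilege levels DropMyRights accepts (normal user, constrained, untrusted).

```powershell
# Added example: create a desktop shortcut that starts a browser through
# DropMyRights so the browser runs without administrator privileges.
# Both paths below are assumptions; change them to match your system.
$dropMyRights = 'C:\Tools\DropMyRights\DropMyRights.exe'          # assumed location
$browser      = 'C:\Program Files\Mozilla Firefox\firefox.exe'    # assumed location

function New-LimitedRightsShortcut {
    param(
        [Parameter(Mandatory=$true)][string]$Launcher,      # DropMyRights.exe
        [Parameter(Mandatory=$true)][string]$Target,        # program to restrict
        [Parameter(Mandatory=$true)][string]$ShortcutPath,  # .lnk file to write
        [ValidateSet('N','C','U')][string]$Level = 'N'      # N = normal user
    )

    # Fail early if either executable is missing; a shortcut that silently
    # does nothing invites falling back to the unrestricted launcher.
    foreach ($path in @($Launcher, $Target)) {
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
            throw "File not found: $path"
        }
    }

    $shell = New-Object -ComObject WScript.Shell
    $link  = $shell.CreateShortcut($ShortcutPath)

    # The shortcut runs DropMyRights, which in turn starts the target
    # program with a reduced-privilege token.
    $link.TargetPath   = $Launcher
    $link.Arguments    = '"{0}" {1}' -f $Target, $Level  # quote paths with spaces
    $link.IconLocation = "$Target,0"                     # keep the browser's icon
    $link.Description  = 'Browser with standard-user rights (via DropMyRights)'
    $link.Save()

    return $ShortcutPath
}

# Put the shortcut on the current user's desktop.
$desktop = [Environment]::GetFolderPath('Desktop')
New-LimitedRightsShortcut -Launcher $dropMyRights -Target $browser `
    -ShortcutPath (Join-Path $desktop 'Firefox (limited rights).lnk')
```

Use the new shortcut for everyday browsing and keep the original one for the occasions that need full administrator rights.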

Gizmo Richards provides more information on installing and using both Sandboxie and DropMyRights on his TechSupportAlert site. Gizmo's instructions for installing and using DropMyRights are particularly handy.

Consider these simple steps the computer equivalent of the proverbial ounce of prevention.