Two free programs help prevent drive-by downloads
With Web-hosting companies now in the cross-hairs of malware distributors, you need to take extra precautions to avoid infection simply by visiting a compromised site.
As Elinor Mills reported in herblog, malicious code was added to a widget on the growsmartbusiness.com site of Web-hosting firm Network Solutions. The widget was also placed on sites "under construction" that Network Solutions hosts.
The widget has been removed, but Wayne Huang, co-founder and chief technology officer at security firm Armorize, claims in an August 14 blog post that more than a half million of these parked domains are infected. Network Solutions says this figure is "inaccurate" but hasn't yet estimated the impact of the infection.
Regardless of the final tally of infected sites, malware in being spread increasingly to people who simply open an infected page in their browser. Fortunately, there are simple ways to reduce the risk of infection when you surf the Web.
Keeping your software current is de rigueur
Perhaps the best defense is to use an up-to-date browser. The latest versions of Internet Explorer, Firefox, Google Chrome, Opera, and Safari provide plenty of built-in security features, including the ability to warn you automatically whenever an executable program attempts to download and run. In a , I compared the security approaches of these five browsers.
Firefox users benefit from the many free security add-ons for that browser. I described five Firefox privacy add-ons in a. And just last week I reviewed Zscaler's extension for Firefox that helps prevent Google, Yahoo, and Bing from serving up malicious links in their search results.
In addition to a secure browser, you must also make sure you keep your firewall and antivirus software updated and active. Microsoft recently released the beta of a new version of its freeprogram. One of the new features in the update is tighter integration with both Internet Explorer and Windows' built-in firewall.
It (almost) goes without saying that you must also keep Windows itself up-to-date. Because some Windows updates can cause their own problems, I choose the option to download but notify me before installing the updates. That way I can wait a day or two after the updates are released to monitor the Web for reports of update-related woes.
This post from July 2008 explains how toto wait before applying patches, and another post from a few months later describes how to .
Still, there are some critical updates that warrant application as soon as they're available, although you can't always take Microsoft's word for which of its updates are indeed "critical." Once again, keep an eye on CNET and other tech-news sites for information about these must-have Windows patches--especially around the second and fourth Tuesdays of each month.
Two free programs stop Web malware in its tracks
Even with the most recent, fully patched and updated versions of your browser and security software, malware can still wheedle its way onto your PC. For an added level of protection while surfing, download and install a program that locks out all attempts to alter your system. The free Sandboxie and DropMyRights utilities take different approaches to PC lockdowns, but both are effective.
After you download and install Sandboxie, the program's control window displays the applications that will run in its controlled environment. Any system changes attempted while Sandboxie is activated are erased when you close the program and restart the PC.
The concept behind DropMyRights is simple: programs require administrator rights to install, so if you run your browser with a standard user account, there's no way for a malicious program to gain a toehold on your system. Because many everyday PC activities require an administrator account--such as applying software updates and running defraggers and other system utilities--running as a standard user full-time can be daunting.
DropMyRights addresses this problem by allowing you to run specific programs with only standard-account privileges. To do so, you create a shortcut to launch the program with limited rights. When you want to run the application with full administrator rights, just launch it the usual way.
Gizmo Richards provides more information on installing and using both Sandboxie and DropMyRights on his TechSupportAlert site. Gizmo's instructions for installing and using DropMyRights are particularly handy.
Consider these simple steps the computer equivalent of the proverbial ounce of prevention.