Thursday, July 25, 2019

MSc computer system security 'Practical Windows Security' Essay

The main types of attacks include Denial of Service, Trojan Horse, viruses, worms and Logic Bombs. The first virus that operated on Windows 2000 was detected on 13th January 2000 (Wong 2000). It is known as the Win2000.Install or W2K.Installer virus. Although the virus could not do much damage to the new Windows, it gave attackers a concept for identifying vulnerabilities in Windows and for invading systems with improved attacks in the future.

A definition of security vulnerability can be regarded as the preliminary filter that is applied to various issues. A security vulnerability can be considered as "a flaw in a product that makes it infeasible – even when using the product properly – to prevent an attacker from usurping privileges on the user's system, regulating its operation, compromising data on it, or assuming ungranted trust" (Microsoft 2011). Microsoft publishes security bulletins when a specific security issue fulfills the criteria of this standard definition. However, it does not follow that Microsoft takes no action when an issue falls short of those criteria. For instance, if Microsoft finds a bug that does not raise any security vulnerability, the security team nevertheless gives it importance and tries to counter it. In this case the Microsoft team does not come up with a patch or publish a security bulletin; rather, the team includes the solution in a product that it is going to release in the future.

On the other hand, if a certain issue does meet the criteria of the security vulnerability definition, the security team first tries to establish whether the issue has breached the security policy of the product. When a product is made, an assortment of instructions is devised to inform the customer about how the product is to be used, as well as the promises it makes regarding the security it provides.

What is CVE?

Common Vulnerabilities and Exposures (CVE) brings together a list of common security vulnerabilities and exposures which are publicly accessible. CVE's common identifiers play a role in the exchange of data between security products and provide a baseline index point for analyzing the coverage of various products such as tools and services (CVE 2011).

When Microsoft comes out with a patch for a security problem, it aims to fix whatever security vulnerability the problem has exposed. The purpose of the new patches is to protect the customer from security threats. For example, MS03-026 was released on July 16, 2003 to correct a security vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. After Microsoft had published this bulletin, it was informed that there were yet more ports that could be abused to exploit this vulnerability. Microsoft later added information about these extra ports to the security bulletin, specifically in the Mitigating Factors and Workaround sections. Later still, MS03-039 was released with an updated scanning tool, which improved on the patches given in the older bulletin as well as on the original scanning tool.

The use of remote procedure call

The Windows operating system makes use of a certain protocol which is referred to as the Remote
