All the latest UK technology news, reviews and analysis
|
|
|
20 Nov 2006
Security experts at the Sans Institute warned last week of a major surge in zero-day flaws as part of its 2006 update to the Top 20 Internet Security Attack Targets list.
The report advises implementation of a "least privilege" environment to reduce the impact of such attacks.
Marco Peretti, chief technical officer at security firm BeyondTrust, agreed with the findings of the Sans Institute, urging users to follow the " principle of least privilege" in setting user access controls, permissions and rights.
Peretti also suggested restricting or limiting the use of active code such as JavaScript or ActiveX in browsers.
Companies using Microsoft's Active Directory should take maximum advantage of Group Policy Objects to control user access, and should not rely on antivirus protection alone since zero-day attacks are often not detectable until new signatures are released.
"A zero-day vulnerability is a known flaw in software that does not have a patch available," said Marc Sachs, director of the Sans Internet Storm Center.
"In 2006 we have seen a significant rise in attacks that take advantage of zero-day vulnerabilities, leaving a user or system unable to defend against the attack since no patch is available."
This type of application-level attack is very hard to prevent with traditional flow-based schemes such as intrusion detection systems and firewalls.
Likewise, consumer-oriented security solutions such as antivirus software cannot usually detect the initial outbreak of a zero-day exploit attack.
"When users and applications are given more privileges than necessary, organisations expose themselves to threats such as malware and data theft no matter what defence they have in place," warned Peretti.
"A huge security problem that Windows enterprises face is that many users must be given administrative privileges in order to run required applications.
"However, as we have seen, administrative privileges are easily exploited by zero-day threats and malicious users. So you have to ask yourself if you trust your existing security defences."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Our global consultancy client currently seeks a number...
Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...
Network Consultant - London - 55-65k My client are...
A leading global provider of critical information to...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?