Is my computer at risk (vulnerable to malware)?

Many vulnerability factors make a computer, operating system, application or network susceptible to malware infection. Some of these factors are more controllable than others.
  • Homogeneity - e.g. when all computers in a network run the same OS, if you can break that OS, you can break into any computer running it.
  • Defects - most systems contain errors which may be exploited by malware.
  • Unconfirmed code - code from a floppy disk, CD-ROM or USB device may be executed without the user's agreement.
  • Over-privileged users - some systems allow all users to modify their internal structures.
  • Over-privileged code - most popular systems allow code executed by a user all rights of that user.
As an example of the "homogeneity" factor, Microsoft Windows has such a large share of the market that concentrating on it will enable a cracker to subvert a large number of systems. Introducing inhomogeneity purely for the sake of robustness would, however, bring high costs, and is obviously not an option.

Most systems contain bugs which may be exploited by malware. Examples include "buffer overruns", in which an interface designed to store data in a small area of memory allows the caller to supply too much, and then overwrites its internal structures. This may be used by malware to force the system to execute its code.
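
The buffer overrun described above, shown next to a bounds-checked version of the same interface. This is an added example, not code from the original page; the record layout and all names (account, is_admin, set_name_unchecked, set_name_checked) are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record: a small name buffer followed by internal state. */
struct account {
    char name[8];   /* the "small area of memory" */
    int  is_admin;  /* internal structure stored right behind it */
};

/* Flawed interface: trusts the caller's length. The copy goes through a
 * pointer to the whole record, so the spill into is_admin stays inside
 * the object and can be observed safely (len <= sizeof *a in this demo). */
void set_name_unchecked(struct account *a, const char *src, size_t len)
{
    memcpy((char *)a + offsetof(struct account, name), src, len);
}

/* Hardened interface: refuses input that does not fit, NUL-terminates. */
int set_name_checked(struct account *a, const char *src, size_t len)
{
    if (len >= sizeof a->name)
        return -1;              /* too long: record left untouched */
    memcpy(a->name, src, len);
    a->name[len] = '\0';
    return 0;
}

/* Stores an oversized name and returns the resulting is_admin value. */
int flag_after_oversized_name(int use_checked)
{
    struct account a = { "", 0 };
    char big[sizeof(struct account)];

    memset(big, 'A', sizeof big);   /* constructed oversized input */
    if (use_checked)
        (void)set_name_checked(&a, big, sizeof big);
    else
        set_name_unchecked(&a, big, sizeof big);
    return a.is_admin;
}

int main(void)
{
    printf("unchecked: is_admin=%#x\n", (unsigned)flag_after_oversized_name(0));
    printf("checked:   is_admin=%#x\n", (unsigned)flag_after_oversized_name(1));
    return 0;
}
```

With the unchecked setter the flag ends up non-zero even though no code ever assigned it; the checked setter rejects the same input and the flag stays 0.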

Any infected CD or other media containing an "autorun" file, when placed into your computer to view the content, can automatically infect (or re-infect) your computer. This type of media may also be actively advertised through email: "download your free DVD".

Malware, running as over-privileged code, can use this privilege to subvert the system. Almost all currently popular operating systems, and also many scripting applications, allow code too many privileges, usually in the sense that when a user executes code, the system allows that code all rights of that user. This makes users vulnerable to malware in the form of e-mail attachments, which may or may not be disguised. Given this state of affairs, users are warned only to open attachments they trust, and to be wary of code received from untrusted sources.

It is also common for operating systems to be designed so that device drivers need escalated privileges, even though drivers are supplied by more and more hardware manufacturers, some of whom may be unreliable. Eliminating vulnerability to rogue device drivers is probably harder than for arbitrary rogue executables. Techniques include:

  • Memory mapping registers of only the device in question to its driver
  • A system interface associating the driver with interrupts from the device
  • Various forms of virtualization, allowing the code unlimited access only to virtual resources
  • Various forms of sandbox or jail
  • The security functions of Java, in java.security
Even with such approaches, malware device drivers continue to be successfully deployed in spite of the best-laid defenses from Microsoft and anti-malware applications.

© 1996-2008 adware.com