1. Vulnerabilities in Operating Systems Michael Gaydeski COSC 432 8 December 2008

2. Overview http://www.sans.org/top20/ : SANS Top 20 Security Risks of 2007 http://www.sans.org/top20/ Client-side vulnerabilities  Web browsers  Office software  Email clients  Media players These vulnerabilities are found primarily in Windows, but exist in other operating systems

3. Web browsers Internet Explorer  Many security holes that allow execution of arbitrary code  Many of the exploits are available to the public  IE exploits vulnerabilities in other Windows components such as the Graphics Rendering Engine  Hundreds of exploits in ActiveX controls

4. Web browsers Mozilla Firefox  Unpatched or older versions contain weaknesses that allow execution of arbitrary code Third-party plug-ins  Used to access multimedia files and documents  Users may not know they are installing such plug- ins  IE7 is unable to hand custom URIs – hackers can insert custom URIs into PDF documents to allow execution of malicious code

5. Systems affected Theoretically, any system that uses any web browser could be affected Attacks are concentrated on most popular web browsers and operating systems  Internet Explorer 5 or later on Windows  Firefox on any operating system

6. How to avoid these vulnerabilities Windows XP users should use Service Pack 2  If this is not possible, use a browser other than IE IE users should use latest version (IE7)‏ Systems should be updated with latest patches and service packs Use anti-malware software Users of older Windows systems should upgrade to XP Use a browser that does not support ActiveX

7. Office software Most common office software is Microsoft Office  Contains several high-risk vulnerabilities

8. Office software Vulnerability occurs through email client because of malicious emails Exploits also occur in web-based documents and spreadsheets IE automatically opens MS Office documents, which may be malicious

9. Systems affected All Windows systems that use MS Office Mac systems that use MS Office Level of vulnerability depends on version of software installed

10. How to avoid these vulnerabilities Use latests patches and service packs Do not open emails from suspicious sources Use caution even with emails from known sources Disable option in IE that allows it to automatically open MS Office documents Use anti-malware software

11. Email clients Malicious emails may contain malware Phishing, spam, denial of service attacks Impact of malicious emails  Distribution of malware (viruses, trojans, spyware)‏  Disclosure of private information  Disable certain services

12. Systems affected Microsoft Outlook (Windows)‏ Outlook Express (Windows, older versions available for Mac)‏ Mozilla Thunderbird (Windows, Mac, Linux)‏ Mail.app (Mac)‏

13. How to avoid these vulnerabilities Remove email client software from systems where it is not necessary Use latest version of software Use anti-malware software Do not run client from administrator or other privileged account Do not open suspicious emails Do not respond to spam View messages without HTML or other formatting Scan attachments before opening them

14. Media players Most media players are third-party and must be installed by the user Upgrades must be manually installed by user

15. Systems affected Real Player (Windows, Mac, Linux)‏ Adobe Flash Player (Windows, Mac, Linux)‏ Apple Quicktime (Windows, Mac)‏ Apple iTunes (Windows, Mac)‏ Windows Media Player (Windows)‏

16. How to avoid these vulnerabilities Use latest version of software Use anti-malware software Configures operating systems and browsers to prevent unintentional installation of software Install media players only on systems that require it