bobcat
Posts: 678 +69
Sources:
PC-Welt magazine: main advice
Secunia Security Specialists: vulnerability statistics
Which programs have the most security holes and are attacked most often? They are popular and indispensable, which makes them prime targets of hackers and criminals. The 10 most dangerous tools are presented and safer alternatives are proposed, together with tips.
First of all, irrespective of which programs you are using, you should keep them constantly up to date to ensure that any security holes discovered are patched.
Run this. It's like windows update, but for almost every piece of software you have installed, it will tell you what programs are out of date and need updating, and either provide a link or offer to update for you:
https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html
Thunderbird
Once, this was a popular email program, considered a safer alternative to Outlook Express from MS. But for the last 3 years, the situation has reversed. Outlook Express hardly contains any security holes any longer, while Thunderbird users must keep patching these with updates. Recently, some of these holes even gave the attacker more rights (i.e. admin) than the actual user had.
Alternative: For Windows XP use Outlook Express 6, for Windows 7 a good choice is Live Mail which is also a component of Windows Live Essentials 2011.
Java Runtime
Java Runtime is an auxiliary program that allows software written in Java to run on a PC. In 2010, it became a new top favorite of virus programmers.
Alternative: For Windows, there’s unfortunately no alternative. So you have 2 choices: Either you uninstall this software and can no longer use programs written in Java, e.g. the Firefox extension NoScript can substantially reduce use of Java on risky sites. Or keep Java constantly updated to at least avoid attacks exploiting holes in older versions. Java has an automatic update mechanism which should be set to run at least once a week. You do this via the Control Panel >Java > Update, advanced.
iTunes
Users of Apple’s iPod or iPad at times have to use the software iTunes, in which new security holes are constantly being found.
Alternative: Instead of iTunes, use free programs like Sharepod 3.9.6 or iPhone Explorer 0.9.10.3, but bear in mind that these are not quite as convenient as iTunes. Or use Mufin Player 2.0.0.135, which offers many useful features and is not inferior as regards music management.
Microsoft Word
Word continues to find itself high in the list of preferences of attackers, at least as regards the older versions 2003 and 2007. The current Word 2010 is either safer or not yet as widely used as to merit being exploited by hackers.
Alternative: Open Office is a good and compatible substitute with similar facilities, which is far less attacked.
Microsoft Excel
The security position of spreadsheet Excel is hardly better than that of Word. In the current version 2010 no security holes have been found by security experts so far, but in contrast, in the older versions many of them.
Alternative: Use the spreadsheet Calc of the Open Office suit, or that of IBM Lotus Symphony 3.
Adobe Reader
According to security firm Secunia, Adobe Reader is installed on 91 percent of PCs. Its widespread use makes it a favorite target of virus programmers, who put executable code on PDF data, massively so in 2010. It’s possible that one click on such data enables system infection.
Alternative: Use Foxit Reader which is equally functional and also much lighter as a side benefit.
Quicktime
The hardware and software developer Apple offers its Quicktime player, originally developed for its own computers, also for Windows. This is much to the detriment of users of the latter system, since this software has been among the most vulnerable for a number of years now.
Alternative: Use the free and powerful VLC Media Player 1.1.5.
Adobe Flash
While surfing, one unavoidably encounters elements in Flash format. Usually these are animations or videos. To view them, it’s necessary to use Adobe’s Flash program. However, security specialists find in this program security holes even more frequently than in Adobe Reader. Of course, criminals exploit these holes recklessly.
Alternative: There’s no alternative program for playing Flash. However, most Flash elements on the internet are ads that one can do without. So you can block Flash with a browser extension, such as Flashblock for Chrome. Where necessary, you can allow Flash temporarily.
Browsers
Browsers are the preferred targets of online criminals. None of them is devoid of security holes, no matter how many updates they make to them.
Alternative: Applies to all browsers: Keep them constantly updated. For someone who wants to go away from his present browser, a good choice is Iron Browser. It’s based on the same software as Google Chrome, but uses different modules. Of course, security holes are also being discovered in Iron, but because its use is not so widespread, it’s less interesting to criminals.
Win XP (without Updates)
Windows XP is of course not a program, but a complete operating system. Nevertheless, it leads the list of the most dangerous programs, because it’s by far the most often attacked software on today’s PCs. If you install the original Windows XP CD of 2001 without updates, you only need to stay on the internet very shortly before getting infected with viruses of every kind. Furthermore, XP is particularly vulnerable, because user accounts are given Administrator rights as standard. This way, viruses can invade the system much more easily.
Recommendation: If you haven’t already, install Service Pack 3 for Windows XP and enable automatic Windows updates: start > Control Panel > Automatic Updates. Furthermore, you should login with an account having restricted rights, not as Administrator. To set up such an account: start > Control Panel > User Accounts.
PC-Welt magazine: main advice
Secunia Security Specialists: vulnerability statistics
Which programs have the most security holes and are attacked most often? They are popular and indispensable, which makes them prime targets of hackers and criminals. The 10 most dangerous tools are presented and safer alternatives are proposed, together with tips.
First of all, irrespective of which programs you are using, you should keep them constantly up to date to ensure that any security holes discovered are patched.
Run this. It's like windows update, but for almost every piece of software you have installed, it will tell you what programs are out of date and need updating, and either provide a link or offer to update for you:
https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html
Thunderbird
Once, this was a popular email program, considered a safer alternative to Outlook Express from MS. But for the last 3 years, the situation has reversed. Outlook Express hardly contains any security holes any longer, while Thunderbird users must keep patching these with updates. Recently, some of these holes even gave the attacker more rights (i.e. admin) than the actual user had.
Alternative: For Windows XP use Outlook Express 6, for Windows 7 a good choice is Live Mail which is also a component of Windows Live Essentials 2011.
Java Runtime
Java Runtime is an auxiliary program that allows software written in Java to run on a PC. In 2010, it became a new top favorite of virus programmers.
Alternative: For Windows, there’s unfortunately no alternative. So you have 2 choices: Either you uninstall this software and can no longer use programs written in Java, e.g. the Firefox extension NoScript can substantially reduce use of Java on risky sites. Or keep Java constantly updated to at least avoid attacks exploiting holes in older versions. Java has an automatic update mechanism which should be set to run at least once a week. You do this via the Control Panel >Java > Update, advanced.
iTunes
Users of Apple’s iPod or iPad at times have to use the software iTunes, in which new security holes are constantly being found.
Alternative: Instead of iTunes, use free programs like Sharepod 3.9.6 or iPhone Explorer 0.9.10.3, but bear in mind that these are not quite as convenient as iTunes. Or use Mufin Player 2.0.0.135, which offers many useful features and is not inferior as regards music management.
Microsoft Word
Word continues to find itself high in the list of preferences of attackers, at least as regards the older versions 2003 and 2007. The current Word 2010 is either safer or not yet as widely used as to merit being exploited by hackers.
Alternative: Open Office is a good and compatible substitute with similar facilities, which is far less attacked.
Microsoft Excel
The security position of spreadsheet Excel is hardly better than that of Word. In the current version 2010 no security holes have been found by security experts so far, but in contrast, in the older versions many of them.
Alternative: Use the spreadsheet Calc of the Open Office suit, or that of IBM Lotus Symphony 3.
Adobe Reader
According to security firm Secunia, Adobe Reader is installed on 91 percent of PCs. Its widespread use makes it a favorite target of virus programmers, who put executable code on PDF data, massively so in 2010. It’s possible that one click on such data enables system infection.
Alternative: Use Foxit Reader which is equally functional and also much lighter as a side benefit.
Quicktime
The hardware and software developer Apple offers its Quicktime player, originally developed for its own computers, also for Windows. This is much to the detriment of users of the latter system, since this software has been among the most vulnerable for a number of years now.
Alternative: Use the free and powerful VLC Media Player 1.1.5.
Adobe Flash
While surfing, one unavoidably encounters elements in Flash format. Usually these are animations or videos. To view them, it’s necessary to use Adobe’s Flash program. However, security specialists find in this program security holes even more frequently than in Adobe Reader. Of course, criminals exploit these holes recklessly.
Alternative: There’s no alternative program for playing Flash. However, most Flash elements on the internet are ads that one can do without. So you can block Flash with a browser extension, such as Flashblock for Chrome. Where necessary, you can allow Flash temporarily.
Browsers
Browsers are the preferred targets of online criminals. None of them is devoid of security holes, no matter how many updates they make to them.
Alternative: Applies to all browsers: Keep them constantly updated. For someone who wants to go away from his present browser, a good choice is Iron Browser. It’s based on the same software as Google Chrome, but uses different modules. Of course, security holes are also being discovered in Iron, but because its use is not so widespread, it’s less interesting to criminals.
Win XP (without Updates)
Windows XP is of course not a program, but a complete operating system. Nevertheless, it leads the list of the most dangerous programs, because it’s by far the most often attacked software on today’s PCs. If you install the original Windows XP CD of 2001 without updates, you only need to stay on the internet very shortly before getting infected with viruses of every kind. Furthermore, XP is particularly vulnerable, because user accounts are given Administrator rights as standard. This way, viruses can invade the system much more easily.
Recommendation: If you haven’t already, install Service Pack 3 for Windows XP and enable automatic Windows updates: start > Control Panel > Automatic Updates. Furthermore, you should login with an account having restricted rights, not as Administrator. To set up such an account: start > Control Panel > User Accounts.
