Vista Malware: Fighting Malware with Vista's Tools

Before we get into how Microsoft’s new products can help you reduce the threat of malware, it makes sense to discuss prevention and response first.

As mentioned earlier, staying secure is a two-step dance. You need good software that protects you, and the mindset to protect your surfing habits. Protecting systems and networks from the damage caused by Trojans, viruses, and worms is mostly a matter of common sense. It’s up to you to prevent harm by being aware of it, and then being able to respond to it and make the systems (or network) operational without any downtime, if possible.

Although there are many ways to protect yourself and your system using Microsoft’s tools, it always helps to practice some of the following general security practices as well:

• Periodically update every piece of software you install on your system, as well as the OS itself, which also needs to be updated periodically. You can do this by installing the latest updates, hotfixes, security patches, and SPs that are available for your software. Keep on top of when new patches come out, and try to test and then install the current patches to keep your system at its best.

This article is excerpted from “Vista for IT Security Professionals.” To order this book, please visit Syngress. Related Articles Vista Drives 'Record Profits' at Microsoft Making a Microsoft Relationship Work Green IT: Newmarket IT takes a TechTurn Oops. Intel CEO Gives Away Vista SP Release Date The Highest Paid Tech Jobs (2009 Update) Vista Sales Better Than Expected

• When using your e-mail client, pay close attention to “who” is sending you e-mail and “where” the e-mail originates. Because e-mail can be spoofed, you may not always be able to do this, but in most cases, a spam filter can quickly identify unspoofed e-mail and send it right to the trash or automatically remove it.

• If you receive files from sources that you do not recognize, it’s wise not to execute them. Instead, delete them. In other words, if someone sends you a file such as harmless.jpg.exe, it’s a good idea to delete the file and not execute it because it seems to fall into the characteristic of a typical malware hoax intended on getting you to launch it.

• When using your e-mail client, make sure you turn off any preview pane functionality so that you do not open and, therefore, execute any attached scripts simply by opening your Inbox.

• To prevent macro viruses, ensure that macro security is enabled in Office so that if you open a Word document, you won’t necessarily run a malicious script that may also be contained within it.

• Do not use floppy disks from untrusted sources. Also, pay attention to any file that enters your system from any source, whether it is a CD or DVD-ROM, USB flash device, or something similar.

• Use host-based instruction detection/prevention (IDS/IPS) software if possible, as well as firewall software, antivirus software, and spyware removal software such as Microsoft Defender.

• Harden your systems and disable unneeded or unwanted services.

• Use a strong password policy. If malware does attempt to try to steal your credentials, having a strong password policy in place will help you if your system does become infected.

• Configure your Web browser (such as Internet Explorer 7) to ignore or warn for cookies, and disable JavaScript and ActiveX, two commonly exploited scripting languages. Keep a close eye on sites that are not trusted and try to block sites that you know are malware-infected.