Thursday, 19 December 2013

Patch



A patch is a software update comprised of code inserted (or patched) into the code of an executable program. Typically, a patch is installed into an existing software program. Patches are often temporary fixes between full releases of a software package.
Patches may do any of the following:
  • Fix a software bug
  • Install new drivers
  • Address new security vulnerabilities
  • Address software stability issues
  • Upgrade the software
Patch explained by Techopedia
Software patches can be free or available for sale. Some companies deliver patches to registered users only. Patches are usually available as Internet downloads.

If the original source code is proprietary and not released to the general public, then patches are released as executable binary code. Patches alter the existing programming code by modifying it or replacing it completely.

Patches have become extremely important as a method for updating programs and addressing new system security threats, which appear regularly, especially in online environments. Formerly, patches were installed manually. Today, automatic updates are very popular and are available as self-installing packages from the support pages on software vendors' websites.

Although patches can vary in size from several kilobytes to hundreds of megabytes, patches are usually perceived as being rather small. On Microsoft Windows operating systems, large patches are generally named service packs and can be over 100Mb.


So, next time you face any issue with any of your PC programmes, make use of patching...

Posted by: Cory Janssen

Virus Signature



Definition - What does Virus Signature mean?
A virus signature is a string of characters or numbers that makes up the signature that anti-virus programs are designed to detect. One signature may contain several virus signatures, which are algorithms or hashes that uniquely identify a specific virus. A large number of viruses may share a single signature, allowing a virus scanner to detect viruses it has never seen before.

Techopedia explains Virus Signature
Generic and heuristic detection are the two types of scanning that anti-virus software employs when looking for virus signatures. Generic detection is not as effective as heuristic scanning because it neglects to locate new virus signatures, but it is better at finding new viruses that have been developed from existing virus families.

Heuristic detection methods encompass more than 250,000 new virus signatures and are most effective for locating new virus signatures. New signatures are created each time a new virus comes out so that they can detect the viruses during scans. It is necessary to create the new signatures as the new viruses cannot otherwise be detected.

When the anti-virus vendor has tested the new signature, the vendor sends it out in the form of a signature update so that it correlates to the users’ anti-virus scanning capabilities. This may also include signature replacements, or the removal of prior signatures when they are no longer able to properly scan for the revised signature viruses. That is why computer experts advise users to always update their anti-virus scanners when vendors send out packets.
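The definition above distinguishes a signature that uniquely identifies one specific virus (a hash) from a single signature shared by many viruses. The following is an added example, not code from the original post or from Techopedia, that shows both kinds on harmless constructed byte strings. The marker bytes, sample contents and detection names are all invented for illustration.

```python
import hashlib
import re

# Constructed, harmless byte strings standing in for files. FAMILY_MARKER is
# an invented byte sequence, not a real malware signature.
FAMILY_MARKER = b"\xde\xad\xbe\xef"
known_sample = b"MZ" + b"\x00" * 8 + FAMILY_MARKER + b"\x01\x02" + b"payload-v1"
new_variant = b"MZ" + b"\x00" * 8 + FAMILY_MARKER + b"\x07\x09" + b"payload-v2"
benign_file = b"MZ" + b"\x00" * 8 + b"ordinary program data"

# Hash signature: identifies exactly one file; any changed byte defeats it.
HASH_SIGNATURES = {hashlib.sha256(known_sample).hexdigest(): "Example.A"}

# Pattern signature: the marker, any two bytes, then a common string.
# One such signature is shared by every member of the (invented) family.
PATTERN_SIGNATURES = {
    "Example.Family": re.compile(
        re.escape(FAMILY_MARKER) + b".{2}payload-", re.DOTALL
    ),
}


def scan(data):
    """Return the list of signature hits for one file's bytes."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        hits.append("hash:" + HASH_SIGNATURES[digest])
    for name, pattern in PATTERN_SIGNATURES.items():
        if pattern.search(data):
            hits.append("pattern:" + name)
    return hits


if __name__ == "__main__":
    for label, data in [("known sample", known_sample),
                        ("new variant", new_variant),
                        ("benign file", benign_file)]:
        print(label, "->", scan(data) or "clean")
```

The variant that the scanner has never seen misses the hash signature but is still caught by the shared pattern, while the benign file matches neither.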

Zero-Day Threat




This post is a continuation of my previous note on "Zero Day Virus" featured in one of my terms of the day.

What does Zero-Day Threat mean?

A zero-day threat is a threat that exploits an unknown computer security vulnerability. The term is derived from the age of the exploit, which takes place before or on the first (or “zeroth”) day of a developer’s awareness of the exploit or bug. This means that there is no known security fix because developers are oblivious to the vulnerability or threat.

Attackers exploit zero-day vulnerabilities through different vectors. Web browsers are the most common, due to their popularity. Attackers also send emails with attachments exploiting software attachment vulnerabilities.


A zero-day threat is also known as a zero-hour attack or day-zero attack.
 

Zero-Day Threat


Zero-day exploits are often put up by renowned hacker groups. Typically, the zero-day attack exploits a bug that neither developers, nor the users, know about. Indeed, this is exactly what the malicious coders anticipate. By discovering a software vulnerability before the software's developers do, a hacker can make a worm or virus that can be used to exploit the vulnerability and harm computers.

Not all zero-day attacks actually take place before the software developers discover the vulnerability. In certain cases, the developers discover and understand the vulnerability; however, it may take some time to develop the patch to fix it. Also, software makers may occasionally postpone a patch release to avoid flooding users with several individual updates. If the developers find that the vulnerability is not extremely dangerous, they may decide to postpone the patch release until a number of patches are collected together. Once these patches are collected, they are released as a package. However, this strategy is risky because it could invite a zero-day attack.

Zero-day attacks occur within a time frame, known as the vulnerability window. This extends from the first vulnerability exploit to the point at which a threat is countered. Attackers engineer malicious software (malware) to exploit common file types, compromise attacked systems and steal valuable data. Zero-day attacks are carefully implemented for maximum damage - usually in the span of one day. The vulnerability window could range from a small period to multiple years. For instance, in 2008, Microsoft revealed an Internet Explorer vulnerability that infected a few versions of Windows released during 2001. The date on which this vulnerability was initially discovered by the attacker is unknown, but the vulnerability window in such a case might have been as much as seven years.


Zero Day Virus




Defining the Term:
A zero day virus is a malicious software program that is not documented prior to a given day, according to Techopedia.com. When the virus is officially recognized and identified by an organization in the anti-virus community, it becomes a zero day virus. Professionals use zero day as the benchmark for responding to a computer virus.

Zero Day Virus
A zero day virus has a particular application to the anti-virus industry. Anti-virus software makers work from specific key principles, including the need to protect their clients from as wide a range of viruses as possible, and to limit, as well as mitigate, cyberattacks. This is a very competitive metric within the industry, as business/government clients and individuals seek to obtain the best anti-virus protection for their networks.
One problem with a zero day virus is that because it is not previously documented, it does not have a signature. Signatures involve reviewing the method and coding of a virus to anticipate and protect systems against the virus. One method of working against zero day viruses is the heuristic anti-virus method, which, using experience-based analysis, looks at other factors besides a signature for a virus to try to predetermine what a system needs protection against and what might be a virus.