• PC World
• »Software

Threat: Old Antivirus Apps

"The problem is, a lot of people get a free version of those things, and they don't subscribe," Paller explains. "They install it on their computer and think they're okay, and then they're dead--what looks like a nice gift of a free antivirus tool becomes a threat," he says.

If your subscription has run out, upgrade to the latest version of the application, resubscribe to another year of updates, or shop around for a new program. No-cost alternatives include AVG Free and Avast Home Edition. We put these and eight other antivirus utilities to the test in "The New Virus Fighters."

One threat that didn't make the SANS list was Sony BMG's clumsy attempt to prevent its songs from being distributed over peer-to-peer networks. Malicious software writers quickly developed a worm that exploited a file-hiding "rootkit" in the third-party copy-protection software used on 49 of Sony BMG's CD titles.

So what to do? Though new vulnerabilities pop up seemingly every day, the oldest ones still present the greatest threat, Gartner's Pescatore says. Taking even the most basic security precautions--namely, keeping your Web browser and your antivirus software up-to-date--can keep you ahead of the game.

Empty Advice?

Paller is less optimistic about the situation. Most Internet users have things other than online security on their minds, and the boilerplate advice dished out by well-intentioned advocates doesn't help much, he says.

"I think words like 'Be diligent' are stupid. I don't think people are diligent," he explains, "[and it's] because they're busy. So I think they're just going to have a lot of machines taken over and used and filled with spyware."

The situation won't change until consumers pressure software makers to place a greater emphasis on security, Paller adds. That's already happening in the corporate world, as buyers are writing security requirements into big contracts. On the consumer front, the success of products like Firefox that concentrate on security could inspire other vendors to step up their game.

Paller believes that a heavyweight such as Microsoft will eventually find a way to bundle software updates from other vendors along with its own--a scenario that might make life easier for users but could upset rivals already concerned about Microsoft's dominance.

Stay tuned.