Zero-Day Malware Attacks You Can't Block

Protect Your PC on Zero Day

Zero-day exploits hit vulnerabilities in a program that the software's maker has not had time to patch yet. But even during this time of exposure, you have ways to help keep your computer safe.

1. Get rid of Internet Explorer 6. One of the best moves you can make to improve Internet safety is to ditch Microsoft's notoriously hole-infested browser. No program is completely safe, of course; but whether because it is inherently vulnerable or because its massive user base makes it an attractive target, IE 6 might as well have a giant bull's-eye painted on it. Upgrade to IE 7 or to an alternative browser such as Firefox or Opera.

2. Try alternatives to other programs that have been targeted by zero-day attacks. The free Foxit program displays PDFs, for instance, and OpenOffice works with many Office documents.

Patches won't stop zero-day attacks, but updates are critical for a safe PC. We recommend that you choose when to patch.

3. Enable automatic updates for Windows and other programs whenever possible. Patches won't help against zero-day incursions, but major vulnerabilities tend to remain targets even after the fixes are released, precisely because attackers know that many people don't bother patching. To check and change your Windows Update settings, click Automatic Updates in the Control Panel. To keep up with the changes to your system, we recommend choosing Download updates for me, but let me choose when to install them.

Other programs vary in how easy they make it to find their automatic-update settings. For example, in Firefox, head to Tools, Options, Advanced, and select the Update tab (again, we recommend selecting Ask me what I want to do as the standard course of action when Firefox finds updates). To find the settings in Adobe Reader, you'll need to check manually for updates under the Help menu, and then click the Preferences button.

4. Consider choosing antivirus programs or security suites that include heuristic and/or behavioral analysis to protect your PC against as-yet-unknown dangers. Apps that are designed to perform these types of analyses supplement the more traditional signature-based antivirus software, which by definition must be aware of a threat before it can protect against it.

5. Make sure that a firewall--either Windows XP's or a third party's--is running on your PC. Firewalls block malicious worms that could otherwise scan your computer for unpatched vulnerabilities and then try to break in at a weak point. To see whether your PC is running Windows XP's firewall already, go to the Control Panel, open the Security Center, and click the Windows Firewall link. Most broadband routers also act as a firewall.

DropMyRights offers free preventive protection for any program after you alter its shortcut slightly.

6. Use a preventive-measure program such as DropMyRights to supplement your antivirus software or security suite. More and more utilities, both free and commercial, change the way vulnerable programs run so that even a zero-day attack is less likely to harm, or even access, the rest of your computer. We evaluate such programs in "Disarm Net Threats."

7. Stay informed. The PC World Spyware & Security Info Center carries the latest news on emerging threats, plus safety advice and security product reviews. Other good information sources include the eEye Zero-Day Tracker Web site and Brian Krebs's Security Fix blog.

Erik Larkin

Ryan Singel covers computer security as a San Francisco-based freelance author. Erik Larkin is an associate editor for PC World.
