Conquering Complex Viruses

摘要

Viruses have been a long-standing threat to enterprise security and are becoming an even bigger threat to enterprises each year. Whether it is a virus, worm, Trojan Horse, hostile Java applet or ActiveX Control, it is likely that the malicious code was created using technology originally developed for a legitimate business purpose. Programmers are hired to write software that exposes the vulnerabilities of operating and application systems. In the course of their diagnostic work, they can create gateways for hostile technologies inadvertently. Then, through the proliferation of information available through the Internet, these technologies can become available to virus writers who may turn it into malicious code. Although vendors generally fix such security exposures in subsequent product releases, users who have not obtained the update may still find themselves exposed to a malicious attack. The highly publicized February 2000 denial of service attacks on several well-known Web sites may have been facilitated by technology originally authored to combat such attacks.