Full disclousure deep technical analisys below. Beware !!!

Oct 8, 2010

SANS Cyber Security Awareness Month - My little contribute..


  1. Verify checksum of Microsoft CD/DVD you are installing from. Here (http://msdn.microsoft.com/en-gb/subscriptions/downloads/default.aspx) you can find original MS checksum for all product.
  2. Ensure Windows Update is turned on, set to install recommended updates and configured to install updates daily at a time when the computer is likely to be on!!
  3. Install latest version Secunia Personal Software Inspector (PSI). PSI monitors your Windows applications, lets you know when applications are out of date, and provides download links to help remediate. PSI is free for non-commercial use (Configure it to show also vulnerable DLL unchecking Show only "Easy-to-Patch" programs in Settings tab).
  4. Consider keep auto-updated the major ATTACK VECTOR client apps used by malware agent:


  • Adobe Flash Player

Installed version checking (http://www.adobe.com/software/flash/about/)

Flash_Player_10_ActiveX (Internet Explorer for Windows only)


Flash_Player_10_Plugin (All other Windows browsers)


>>End-user<<autoupdate settings management


>>Enterprise IT Admin<< autoupdate settings management



  • Adobe Acrobat & Reader

Installed version checking (Adobe Acrobat & Reader Menu –> Help –> About)

>>End-user<< autoupdate settings management


>>Enterprise IT Admin<< autoupdate settings management

Updater changed in version 9.3.2 and 8.2.2 and later (http://kb2.adobe.com/cps/838/cpsid_83813.html)

AutoUpdate Settings management (http://kb2.adobe.com/cps/837/cpsid_83709.html)


  • Java JRE

Important: Previous to JRE 6 Update 10, installing or updating to a newer Java version would add a new Java Runtime Environment (JRE) instead of replacing the existing version. Starting with JRE 6 Update 10, future Java updates will patch the current version by default instead of adding an additional version. This will prevent an accumulation of unused and potentially insecure older JRE versions.

Installed version checking (http://www.java.com/en/download/installed.jsp?detect=jre&try=1)

>>End-user<< autoupdate settings management


>>Enterprise IT Admin<< AutoUpdate Settings management

Autoupdate policy settings ([HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy])

Deployment Configuration File and Properties


Deployment - Java Control Panel – Update