Document Vulnerabilities with Windows XP - Improve your Security

Jul 17
19:17

2007

Sam Miller

Sam Miller

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

With the launch of Microsoft Vista at the start of the year, revisiting the basics with XP to ensure your security and privacy is still relevant as most of us are still using it !

mediaimage

XP users still outnumber Vista users and that is likely to continue for quite some time as business users await their software refresh cycles to come around before upgrading to the new operating system.  Meanwhile,Document Vulnerabilities with Windows XP - Improve your Security Articles the personal user market holds back and waits for any issues with Vista to be taken care of before parting with the hefty price tag for the new OS.  With that in mind, it makes a lot of sense to revisit the XP security basics for maintaining security and avoiding getting hit by an online nasty..

The release of Service Pack 2 (SP2) attempted to deal with some of the more common security issues presented to users.  A major loophole that was addressed was the vulnerability from opening a document from the Web by clicking on a hyperlink which opens a document containing malicious code and which then gains access to the users machine.  Notwithstanding the efforts of Microsoft to enhance document security, it is incumbent on the user to be aware of the inherent risks of opening Web based documents. 

An error message along the lines of :

"The exception unknown software exception (0xc0000409) occurred in the application at location 0x00000000.

Click on OK to close

Click on CANCEL to repair"

Clicking on these user friendly messages executes the malicious code and you become infected.  It is better to close such a dialog box down by clicking the "x" in the top right corner if you ever get to this stage.

It is important to realize that we are not simply dealing with MS Word documents but also Excel, Powerpoint, Visio or other files produced by XP run Office applications.  Earlier this year a vulnerability appeared with fully updated Excel application running for opening a spreadsheet titled MSExcel.h.  This recent document contains a trojan that existing anti-virus software is coming to terms with and which if untreated will simply lead to Excel crashing.

This just serves to reinforce user practices that include scanning recent documents that have been downloaded from the Web by an up-to-date anti-virus application such as Mcafee or Norton.  This is an absolute security essential as well as running regular anti-spyware and other malware utilities to further protect your privacy.  It is not only those files that you download directly from the Web that you need to be wary of, you also need to ensure that plugging in portable storage media also require a guarded approach.  If you are transferring files from a USB stick or a disk, remember to scan the XP files and documents preferably before you transfer them to avoid the risk of infection.

Make sure that you regularly back-up your data to avoid the risk of losing recent documents and files from malicious attack.  This, of course, applies no matter what operating system you are using and is simple common sense however all too often, recent documents and work are lost irretrievably by not taking simple precautions beforehand.