
Block Potential Attacks Aimed at Firefox

Plus: Stop the bad guys from sneaking in through a hole in Windows' remote access.

Stuart J. Johnston is a contributing editor for PC World.


Illustration by Robert Neubecker
PCs have grown increasingly vulnerable. In the second quarter of this year, 442 security holes were found in software, according to a report by the SANS Institute, an organization that helps keep computer users safe online. This total is up by 10 percent compared with the previous quarter and is nearly 20 percent higher than in the same period last year.

The vulnerable programs include such usual suspects as Internet Explorer, along with increasingly popular apps like Firefox and iTunes. Recently, three holes were discovered in Firefox, the latest in a growing list for this browser. Two of the flaws could let an attacker control your PC, copy files, or plant a sleeper app (known as a bot) on your hard drive. You probably won't even know that your system has been infiltrated. The attacker could also use the bot to turn your machine into a so-called zombie, to send spam in league with other infected PCs. And your system could be used to infect other PCs or to send e-mail messages aimed at crashing other computers and Web servers--an exploit known as a denial-of-service attack. To get infected, you must click a planted link on a Web site.

The third flaw could let a miscreant trick you into giving out information such as credit card numbers or passwords. Say you visit a site containing a poisoned link that, when clicked, triggers the download of malware onto your PC. That malware hides in your PC and unleashes its mayhem when you visit a site (for example, your bank's) that requires entering personal data in, say, a pop-up window. That pop-up seems to be from the trusted site, but in reality it is the attacker's. Though no one has reported attacks yet, it's best to patch these holes; download Firefox version 1.0.7.

Remote-Access Flaw

Microsoft has patched a glitch in Windows' Remote Desktop Protocol (RDP) that could enable a malefactor to crash your machine. If you have enabled RDP, your PC is a sitting duck, waiting to be targeted by an automated program that sends corrupt RDP requests (messages that one computer sends to another, asking Windows to allow access to that system).

RDP lets you connect to a remote PC and use it as if it were the one sitting in front of you. RDP also allows support technicians to control your system to help you diagnose and fix computer problems.

If your PC is equipped with both Windows XP Media Center Edition 2005 and Microsoft's Media Extender device, your system is vulnerable because it has RDP enabled by default. The glitch also affects Windows 2000 through XP SP2, but unless you enable RDP in these versions, you're safe; it is turned off by default. The patch is available here.

Beware of Fake Microsoft Bug Alert

The U.S. Computer Emergency Response Team (US-CERT) and research firm Websense Security Labs have reported an e-mail scam disguised as a Microsoft Security Bulletin. Although phony bulletins are not a new concept, this one is sneakier than earlier iterations because it looks more legit and urges you to click a link instead of an attachment to download the update.

The fake message is labeled "Microsoft Security Bulletin MS05-039: New patch against W32/Sober, W32/Zafi, W32/Mytob" and claims to fix an issue affecting Windows NT through XP. But what you get is a Trojan horse that compromises your PC's security.

If you receive a security bulletin, browse here to verify its authenticity and to get details about the real alert. For more advice, click here.

In Brief: Tablet PC Memory-Slowdown Patch

Microsoft has patched a memory leak in Windows XP Tablet PC Edition 2005 that causes a gradual decrease in available system memory. This problem could eventually degrade performance, making applications run painfully slowly or freeze frequently. Click here to get the company's hot fix.

Bugged?

Found a hardware or software bug? Tell us about it via e-mail at bugs@pcworld.com.


©2009 About.com, a part of The New York Times Company.

All rights reserved.