Another Day With My PC

Are you receiving patches and other updates from Microsoft automatically?

I used to be irked at this option when I was still using a dial-up connection because the download slows up everything. I even played with the thought of deactivating the auto-download option of Windows Update. Luckily my DSL subscription got approved immediately so I shelved off the ill-advised plan of just manually downloading the updates whenever I deem it convenient.

Those who turned off the auto-update feature of Windows to save themselves from the bothersome process might have ended up getting more annoyed by intrusive pop ups. In case you don’t know, many of the patches are security-related. Malware authors have been very creative these past few years. Although I’m sure you’re anti-virus software could off ward most of the unwanted applications circulating around the Internet, some could easily bypass it.

The most recent patch that Microsoft issued plugged a hole in many of its operating systems, including Windows Vista. The update was branded as a critical one since hackers could easily access computers without the patch.

The malicious program works by modifying “.ani” files. Files bearing such extension are used in managing cursor processes and appearances. Once installed, the malicious software can record every keystroke that the user makes on his computer. You could just imagine how dangerous this type of malware is. Hackers would be able to know the log in details of your e-mail account, or worse, your bank account.

Security experts did not confirm if the authors of the unwanted program intended to use it to access bank accounts. What they do know is that the hackers are targeting the log-in details of the user’s World of Warcraft account. The log-ins of this popular multiplayer PC game will then be sold to interested buyers.

In case you don’t know, developing online game characters or accounts is a lucrative undertaking. Players spend countless hours trying to improve their account in order to play in the higher levels. Since not all are talented enough to play at the higher stages or to obtain the gadgets or features that are only available to accounts or characters that have surpassed certain tests, some have opted to just buy them off from the skillful players.

Ken Dunham of VeriSign’s iDefense has disclosed that the authors of the malicious software come from China. Microsoft was so worried about the vulnerability that it released the patch ahead of schedule.

The release of the update doesn’t ensure that the Chinese hackers won’t be able to obtain the data that they’re looking for. As I’ve lamented earlier, there are users who turned off the automatic update feature of their operating system. As a result, their units might have already been infected by the unwanted application. Many weren’t aware of this danger. I admit that I wasn’t either. This is quite surprising and alarming though, considering that Microsoft already new of the threat as early as December of last year.

For those of you who don’t receive critical updates automatically, visit Microsoft’s site immediately and install the patch.