iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Microsoft Employees Offer Protection From Google Results
Search:
[ news_security_news ]

Microsoft Employees Offer Protection From Google Results



Doug Caverly
Staff Writer
2006-07-12

SecurityProNews: Insider Reports Insider Reports RSS Feed


Some of the sites Google indexes will automatically redirect you to executable files. This can be convenient, if you're trying to download something like Firefox, as Claudiu Spulber was. But it might not be such a good thing if some sort of malware is on the other end of that link.

Spulber calls it "a security risk, even a high one . . . . Sites full of spyware might use this redirect bug to have spyware executables indexed and when the user will click it automatically installing all the malware in the world. I've tested this." Spulber writes of "a link from yaguo.com that is an executable file containing spyware," noting that "I've downloaded this specifially and monitored it, and it installs spyware."

"This is wrong and should be corrected," Spulber concludes. But as an article on Email Battles explains, that's not necessarily the case.

"Search engines can't simply ignore executables, because most of us need to find them now and again," the article reads (apologies to the author - his or her name did not appear to be mentioned). It goes on to suggest a couple of protective measures.

There is a mention of how "Michael Howard, a Senior Security Program Manager in Microsoft's Secure Engineering group, whipped up DropMyRights, his freebie utility." Aaron Margosis, also of Microsoft, "ginned up" another tool, called MakeMeAdmin.

Margosis writes, "When you run it, you get a Command Prompt running under your normal user account, but in a new logon session in which it is a member of the Administrators group. This Command Prompt and any programs started from it use your regular profile, authenticate as you on the network, but have full local admin privileges. All other programs continue to run with your regular, unprivileged account."

If the way in which Google (and other search engines) can link to executable files makes you uneasy, the tools are worthing checking out.

Add to | DiggThis | Yahoo! My Web

Technorati:


About the Author:
Doug is a staff writer for SecurityProNews, InternetFinancialNews, SearchNewz, and WebProNews.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds