System Loopholes
Home ] Windows Update ]


New Threats
Basic Precautions
Key Defences
Virus Scanning
System Loopholes

Have you left a window open?

Spy image
Malicious programmers often exploit specific vulnerabilities in Windows.  Here are some common entry points.

Bugs in Windows

For some time Microsoft have been actively searching for obscure security weaknesses in Windows, often caused by what programmers call an "unchecked buffer".  The destructive Blaster worm exploited a vulnerability which Microsoft had warned about over a month beforehand.  Microsoft publish "hotfixes" for these weaknesses as they are discovered.  To obtain them, simply visit the Windows Update website and follow the instructions there.


Recent versions of Windows have robust password protection, but it doesn't work unless you set a password.  Don't use an obvious password - people who know you may guess that it's the name of your partner (or dog!).  Change it occasionally.  The longer a password is, the harder it is to crack, even by specially-written "hacking" programs.


Depending on your version of Windows, you may have "Shares" set up by default.  These "administrative shares" can make it possible for other users on your part of the network (or even the Internet) to connect to your local disk.

For example, on Windows NT4.0, Windows 2000 and XP, other users will often be able to connect to the top level (the "root") of your main disk, and also to the folder containing your operating system files.  If you don't know that you need these shares, disable them!  If you do need them, restrict access permissions as far as possible.  More detailed guidance is beyond the scope of this note.  Refer to your operating system documentation or seek help.

Web Servers

It is possible to be running a web-server unknowingly, especially on Windows NT4.0 and Windows 2000.  This means computer users on the Internet can connect to your machine to obtain information and may even be able to run certain programs.

If you have the technical knowledge, you may be able to check if you have a web-server installed by running "Add/Remove Programs" from the Control Panel and browsing the tabs labelled "Change or Remove Programs" and "Add/Remove Windows Components".  Then check the Windows "Services" to see if an installed server is running.  If you are exposing a web-server, and you wish to continue doing so, check that it is configured correctly and that you have installed all relevant security "patches".  For Microsoft Windows, check the Microsoft Security Site or use the automated web-based Windows Update facility.  Microsoft have also produced a downloadable Baseline Security Analyzer (MBSA) which will scan Windows 2000 and Windows XP computers for security problems - contact  if you have difficulty interpreting the results!

More detailed guidance is (well!) beyond the scope of this note.  Refer to your operating system documentation or - for most people! - seek help.