A
new virus going by the name Swen and Gibe.F is making its way through
email clients at a brisk pace that highlights the depth of security
issues in Windows. Not to belabor the point, but this is such a perfect
example, I couldn't let it slip by without at least a little attention.
New security flaws are not where the big damage occurs. It's the old
ones that have had patches available for a significant period of time
that often bite hardest. Swen and Gibe.F illustrates just how serious
the lack of applied patches on the part of end users truly is. A two
year old IE flaw is the target of this latest bug, and it's spreading
at a pace that rivals most other email worms. Contributing to the
spread is the fact that the worm appears to come from Microsoft
sporting a security patch, prompting unaware users to launch the
virus-laden payload. Issuing effective patches quickly means very
little. The number of flaws must subside significantly in order for any
real impact to be seen down the road.