Posted: 18th Aug, 2004 By: MarkJ
Given that many pre-built PC's don't come with the very latest security patches, it's thus unsurprising to find that, once connected to the net for the first time, most will only last 20 minutes before being hit by a virus.
The results come from the latest SANS Institute statistics, which finds that the half life of many new PC's on the Internet isn't even long enough to download the latest security patches:
SANS calculated the survival time of a PC using the average time between probes of an average target IP address from worms attempting to propagate for an average target IP address.
"If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe," said the Institute in a statement. However, it said, the result is only an average, and times will vary widely from network to network.
"Some of our submitters subscribe to ISPs which block ports commonly used by worms," said the Institute. "As a result, these submitters report a much longer 'survival time'. On the other hand, university networks and users of high speed Internet services are frequently targeted with additional scans from malware like bots. If you are connected to such a network, your 'survival time' will be much smaller."Readers should take the MS Blaster worm as a perfect example because it comes in through your Internet connection and not an e-mail (it finds you).
Typically broadband users with static IP's would be most at risk because they're easier to find and online longer. These days anybody selling a pre-built PC should really make sure they can update it before sale. More @
ZDNet.