Unpatched PCs connected to the internet are being infected by malicious software twice as quickly as a year ago, according to new research.
The survival time for an unpatched PC connected to the internet averaged 20 minutes in 2004, compared with 40 minutes the year before, according to a survey by the US security body, the Sans Institute. The report said users of broadband or poorly secured public networks would be infected more quickly, sometimes in less than 10 minutes.
Security specialist Symantec estimated that it could take seconds rather than minutes to lose control of an unpatched PC.
"Blaster is still the largest source of these sort of attacks", said Tony Vincent, lead global security architect at Symantec Managed Security Services. "It's like space junk: everything we've launched from the Earth is still up there in orbit, circling. These attacks are all still out there due to unpatched servers and they never stop running."
Once worms infect a host PC, it can be used to build networks of zombie PCs that send out spam, or launch distributed denial of service attacks against web servers.
Chip vendor AMD began building Enhanced Virus Protection (EVP) into its processor line last year, and further hardware support has been promised by Intel and VIA. AMD?s 64bit processors are now fully EVP-enabled and Microsoft is also supporting EVP in its new Service Pack 2 for Windows XP.
Professor Neil Barrett, of Cranfield University's computer security department, said: "Nothing will kill off worms but EVP may slow infections. Worms are automated hackers using vulnerabilities and the main victims are unpatched servers. These are unlikely to be running the latest technology so will continue to harbour worms."
Security firm set to become part of acquisitive Shearwater Group
Distributor merges three northern sites into one new hub in Warrington
Activist investor puts forward five director candidates as turmoil continues at security giant
Nima Green asks what is driving public cloud uptake in Germany