As well as visually showing us a hack into Vista (well that took a long time coming didnt it??) He went into great detail about the way that attackers seem to be concentrating on non-Microsoft applications. The reason is clear, Microsoft, despite their obvious issues, have gotten better at Security. People like Apple, Symantec, McAffee, IBM and Adobe are now the applications that are being exploited, and not just by the intelligent hacker. Check out applications like Metasploit (www.metasploit.org) and you will see how easy it is to take advantage of flaws within many of the applications that have become ubiquitous on many of our desktops.
The answer is clear, update to the latest versions, install the patches that have been released and understand which of your users have these applications installed (know how many iTunes users you have?)
The tools available to you currently may not offer that, so my advice is to ensure that whatever you choose, you ensure that the following criteria are met:
- Does your solution provide you a real time view of the applications installed?
- Does it provide visibility and control in heterogenous environments?
- Does your solution allow you to distribute patches to non Microsoft applications?
- Does your solution provide you with the ability to enforce policy by allowing or dissallowing applications?
I dont mind which solution you decide to use, but if you follow these key points, you can only make your user base (and therefore your data) safer.
