Patches and Internet Security

A recent article in PC World has reminded me of our discussion on Internet Security. It said that that the no. 1 security risk for computers is the unpatched software that lurks around in our system. Targeted email attacks called spear phishing are exploiting vulnerabilities in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office.

Apparently this is currently the primary initial infection vector used to compromise computers that have Internet access. Additionally, these same vulnerabilities are exploited by attackers when users visit infected web sites which allows the downloading of documents for the said programs.

As was said by our lecturer and reiterated in the article, the ultimate goal of the attacker is to steal data from the target computer as well as to install back doors through which the attackers can return for further exploitation such as making our computers into bots.

This is particularly alarming as many of the programs in our computers use unlicensed software that is bought from enterprising stores somewhere in San Juan. These software are unable to download the important patches that was so espoused by the article.

Thinking of this, I can't help but compare the analogy of the Maximum Retail Price imposed upon drug companies by the New Generics legislation. In essence it's the health of our computers that we are talking about isn't it? Isn't it time to think of a similar provision to lower the prices of the genuine software so as to prevent something like this from happening?