Sophos endpoint assessment shows failures

Missing Microsoft security patches, disabled client firewalls, and missing endpoint security software updates were just some of the issues Sophos' Endpoint Assessment Test revealed this week.

Sophos collected data from more than 580 PCs worldwide and found the following:

* 81% of corporate endpoints tested failed one or more of these basic tests.
* 63% were missing at least one Microsoft security patch for Microsoft Windows operating system, Microsoft Office, Microsoft Internet Explorer, Microsoft Media Player or Flash Player.
* 51% of endpoints tested had their client firewalls disabled.
* 15% were running out-of-date endpoint security software or had disabled their protection altogether.

"Administrators reading these stats might think they have nothing to worry about, but based on the findings they should run this free tool and double-check the security levels within their network," says Brett Myroff, CEO of Sophos South Africa.

Of the PCs scanned, North America represented 39% of the sample base, the UK made up 36%, while Australia and Germany contributed 11% and 9% respectively. The remaining 5% consisted of other countries.

"This problem is not only affecting smaller companies. One quarter of testers represented enterprises with more than 1 000 users, while 36% were mid-sized companies ranging between 100 and 1 000 users," Myroff adds.

This week's line-up of low to medium threats includes the Troj/Dloadr-BMV Trojan. It installs itself in the registry and is affecting the Windows platform, says Myroff.

Troj/Iframe-AG, another Trojan for Windows, is redirecting browsers to a malicious site, he says, and the Troj/PWS-ARO Trojan, also noted this week, is an information stealing Trojan and again affects the Windows platform.

Also noted this week, says Myroff, is the Troj/Zlob-ALN, which installs itself in the registry, includes functionality to access the Internet and communicates with a remote server via HTTP.

According to Myroff, the VBS/Resol-A, also detected this week, is a mass-mailing VBScript that is currently spreading via e-mail attachments.

"Rather than wait for a problem to arise and be forced to perform a post mortem to find any security holes, administrators would be wise to take the Endpoint Assessment Test. It's free and might just highlight some serious vulnerabilities that can be addressed proactively," Myroff says.

The test can be downloaded from the Sophos Web site.