Boy, it sure seems like being number one OS in the world leaves you feeling a bit like number… well, you get the idea. Clearly Microsoft has its hands full as it works to stop this latest issue against the security of its OS. The big issue is like anything that acts as a portal to the outside world — a browser, email client, even an RSS feed — there is not going to be a magic bullet to stop these types of attacks. What Microsoft can do, however, is to stop blowing smoke at its users with statements about how secure its OS is. Clearly, this has been anything but the case. Yes, not everything in the world can be blocked security wise, but pretending that Windows 7 is made of steel is clearly not going well.

I’ve said it once; I will say it again. Anything with writable, executable actions in the technologist world is exploitable. Windows, Linux, OS X, hardware, firmware — none are 100% secure. Pretending otherwise is how we end up in total shock and awe when someone manages to do what the “experts” said was not possible previously.

As for Web browsers, all of them put the user at risk on one level or another. This is where that little thing I like to call common sense comes into play. If a user does not understand that picture.exe being clicked on is a threat, they should stop and seek schooling. As for ActiveX, Java, and JavaScript exploits, these require a bit more thought. First step: turn off the first two. As for JavaScript, allow it only on sites that you KNOW. Obviously this is too heavy handed for Lockergnome readers, but for Johnny KnowsLittle (about computers), it may be the best bet.

It’s truly unfortunate that we have to be so paranoid these days with our computers, but for the love of Pete, stop putting blind, idiot trust into various security suites. They provide malware resistance, not with a shield that cannot be overcome. Depending on Microsoft or third party functionality will ALWAYS lead to headaches. Why? Because it is us that need to be extremely careful out there. So long as a product can execute code and is hosted locally with outward access to the Internet, you are at risk. Period.

[awsbullet:Brendan Behan]