Your browser is obsolete!

The page may not load correctly.

The rules of ”basic hygiene”

Правила гигиены

Other issues in this category (69)
  • add to favourites
    Add to Bookmarks

Every hour counts

Read: 750 Comments: 2 Rating: 9

"Updates are ready to be installed"—an annoying message, right? But there’s no escaping reality. New vulnerabilities are constantly being discovered in applications. It doesn't matter who actually discovered a loophole. Sooner or later, it will be made public, the developer will release a security update, and even criminals who didn't know about the vulnerability will become aware of its existence. How much time do users have before an attack begins?

Another example of an attack shows how criminals try exploiting not only vulnerabilities in web applications but also loopholes in device firmware. Information about CVE-2017-8220 was published on April 25, and on April 28 the first attacks were mounted on devices.


Figure 8. An example of a “remote code and shell command execution” attack being discovered

Thus, only a few days can elapse between when information about a vulnerability is published and that vulnerability is exploited. (This timeframe can vary depending on how complicated a vulnerability is to exploit). If a web application comes under attack, the perpetrator will first attempt to leverage the most recently discovered vulnerabilities since they probably haven't been patched yet.

Three days. Provided that two of those days could fall at the weekend, the timeframe is very short.

And here is another interesting question: at what time of day is an attack launched?

The average attack intensity in the space of 24 hours for one company. The figure below contains values for all industries (the local time was used for each organisation).


To illustrate our case more clearly, let's use PT AF to draw a graph for April 17 for one of the companies.


As you can see, the attack intensity clearly correlates with employee activity—when they get to their desks, the time before lunch, and the end of working hours. The fourth peak, which occurs at night, can be explained by the fact that during these hours, the probability of the company’s security service responding to the attack is lower.

#vulnerability #security_updates #anti-virus_updates

Dr.Web recommends

The above statistics indicate that security updates must be applied no later than two days after their release. But never later than that! Meanwhile, anti-virus updates must be installed immediately after their release. For that to happen just make sure you don't change the default update schedule that has been set by the developers.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.


Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.