Well, SANS did another report on how long an unpatched, Windows system would survive on the Internet without being infected by something.

Then did the same study in 2003 and in 2004 and each time the length is drastically reduced. This points to two things: 1st the necessity for SP2 or SP3 today and the fact that the Internet underground is getting much more sophisticated every day.

2003 = 40 minutes
2004 = 20 minutes
2008 = 4 minutes

The problem with the numbers above is that nobody (I think) uses an unpatched system today. At least no body I know does. But then people are always proving me wrong when ever I say something like "no body is that stupid".

The latest example of stupidity is a piece of spyware that targets computer gamers. It is common for gamers to let their shields down to get some extra performance. They turn off their Anti-Virus and Personal Firewall so they can get an edge over their opponents. They also tend to down-load cracked versions of the game. The system is now defenseless and probably has software on it that is infected with a backdoor. Now a piece of spyware can elbow its way onto the gamers system. It gives all the virtual booty to a third party. That third party then sells it for hard cash. Jack Sparrow would be impressed.

It turns out that the power and belongings some players gather when they beat others is sometimes worth thousands. People are willing to pay to get that power and those items they can't get normally. I guess the same thing has been done for years in team sports when one team bolsters the teams standing by luring a good player over to their side with money and sponsorships that are worth millions. In Dungeons and Dragons (I was playing in the late 70s about the time the Advanced D&D manual came out), we would trade characters, weapons, and spellbooks. "I'll trade you a wizard for that +6 sword". Today the rules are different and the bad guys are taking advantage of them.

But the point I'm trying to make is that according Microsoft's spokesperson, gamers are an easy target since they weaken their systems defenses. This should be a lesson to anybody who turns off their AV or PFW because of the inconvenience. Vista isn't immune either. If I could get a nickel every time I hear someone say they turned off UAC (Universal Access Control) because they were tired of all the pop-ups.

The solution is to always harden your system as much as you can before getting on the Internet. Use a NAT router especially since most ISP's today are providing them in their package. ASAP get all updates and service patches for both your OS and for your AV. If you can, get the latest SP (currently SP3) on another machine before you to online. But by turning the NAT router, and Windows Personal Firewall you will be cutting most of the attacks back and can safely update your OS and AV to get even more protection.