An A-Z guide to the technical terms used in digital security
W32 / W64
W32 is the platform designator for malware that is designed to run on the Microsoft Windows operating system (OS) on a machine with a 32-bit processor chip.
Though 32-bit chips are still common, many systems now run on machines using a 64-bit chip. F-Secure identifies threats designed to run on 64-bit machines as W64 malware.
The converse of blacklisting, whitelisting was originally used to filter spam email by only accepting traffic from a list of known and approved email addresses.
Nowadays, whitelisting is used not only to filter spam, but also applications and web traffic. Many antivirus products today allow users to control a whitelist of applications permitted to send traffic over a network.
Most antivirus products also include content filtering, which allows a user (or an administrator) to control the websites that can be accessed by the web browser.
Compiled by a collaborative group of security experts known as the WildList Organization, this list identifies 'in-the-wild' threats that were reported to be actively affecting users during the past month.
A directory found in the Microsoft Windows operating systems containing critical details of the settings and options selected for the operating system, most applications and hardware, users and their preferences and so on.
A 'registry key' is an identifier for the item (application, hardware, etc) being affected; a 'registry value' refers to the setting or option that is selected. The Registry and its keys can be viewed and edited using the Registry Editor (Regedit.exe), commonly referred to as Regedit.
Most malware make modifications to the registry in order to perform their intended actions, most commonly by adding a registry key that allows their malicious components to run each time Windows starts, or altering a registry key to prevent security software from scanning the device.
A program that replicates by sending copies of itself from one infected system to other systems or devices accessible over a network. Though most worms only focus on self-propagating, some also include other malicious actions in their payload - for example, installing other malware, changing the system settings and so on.
A worm is usually classified based on the type of network it uses to spread, such as the Internet, email, IRC chat channels, peer-to-peer networks, Bluetooth, SMS or social media networks.
A worm-infected machine can suffer from productivity and network issues if the malware's distribution of its copies takes up to much of the system's resources. If many machines in a network are simultaneously sending out worm copies, the entire network may be affected, causing significant disruption and inconvenience.
For more information, see the article Worms.