Microsoft has issued an advisory on the security issue that could leave many Windows applications that are vulnerable to attack.
The Adviser agrees with the mechanism of this type of attack known as DLL naming Preloading or binary. Although the mechanism of this attack is not entirely new or unique to Windows, Microsoft admitted that there seemed to be vekotr new remote attacks which could allow a faster system is attacked.
Two researchers at the University of California at Davis published a paper earlier this year about how vulnerable program can automatically be detected. In recent days, and creator of the Metasploit security expert HD Moore published more information about this issue, and he added vulnerability to MetaSploitnya program.
Moore said he did so in an effort to make customers aware and encourage vendors to patch their applications, and he noted that he chose not to publish a list of all affected programs. although he released a tool that can help users find something of their software is vulnerable.
As anything that might harm the complete release of the affected products and do not say anything at all, I decided to push a generic module exploits to Metasploit Framework and we released an audit that can be used to identify applications that are affected in a particular system, "Moore said in a blog post.
Evidence of the existence of the code concept makes this such a possible attack appears like in the wild, striker kemuidia see the weakness and try to adapt for their own purposes. "According to Joshua Talbot, a senior intelligence manager for Symantec's security response.
On Thursday last week (19/08/10), ACROS Security research firm, warned that iTunes is vulnerable to such attacks. However, Moore and others indicate that this vulnerability seems to hamper far more than just iTunes, with potentially dozens of windows programs that are also open to the attack.
"We are conducting a thorough investigation of this new vector abgai which may affect Microsoft products." Microsoft said in a blog post.
Microsoft said it also has released a software that allows system administrators to reduce the risk of the said vulnerability by changing the library system loading the operating system or specific applications.
Attacks using these libraries have been developed, as Windows and operating systems that have become hard to attack the meneksploitasi lack of memory, said Talbot.
Talbot recommends that users see a mitigation recommended by Microsoft is involved with changing a registry key, so the library system can not be retrieved via the network. Talbot also recommend that users take other steps. like to be careful when clicking on links or visiting websites that are not known and also to ensure that their antivirus software is always up-to-date.
The Adviser agrees with the mechanism of this type of attack known as DLL naming Preloading or binary. Although the mechanism of this attack is not entirely new or unique to Windows, Microsoft admitted that there seemed to be vekotr new remote attacks which could allow a faster system is attacked.
Two researchers at the University of California at Davis published a paper earlier this year about how vulnerable program can automatically be detected. In recent days, and creator of the Metasploit security expert HD Moore published more information about this issue, and he added vulnerability to MetaSploitnya program.
Moore said he did so in an effort to make customers aware and encourage vendors to patch their applications, and he noted that he chose not to publish a list of all affected programs. although he released a tool that can help users find something of their software is vulnerable.
As anything that might harm the complete release of the affected products and do not say anything at all, I decided to push a generic module exploits to Metasploit Framework and we released an audit that can be used to identify applications that are affected in a particular system, "Moore said in a blog post.
Evidence of the existence of the code concept makes this such a possible attack appears like in the wild, striker kemuidia see the weakness and try to adapt for their own purposes. "According to Joshua Talbot, a senior intelligence manager for Symantec's security response.
On Thursday last week (19/08/10), ACROS Security research firm, warned that iTunes is vulnerable to such attacks. However, Moore and others indicate that this vulnerability seems to hamper far more than just iTunes, with potentially dozens of windows programs that are also open to the attack.
"We are conducting a thorough investigation of this new vector abgai which may affect Microsoft products." Microsoft said in a blog post.
Microsoft said it also has released a software that allows system administrators to reduce the risk of the said vulnerability by changing the library system loading the operating system or specific applications.
Attacks using these libraries have been developed, as Windows and operating systems that have become hard to attack the meneksploitasi lack of memory, said Talbot.
Talbot recommends that users see a mitigation recommended by Microsoft is involved with changing a registry key, so the library system can not be retrieved via the network. Talbot also recommend that users take other steps. like to be careful when clicking on links or visiting websites that are not known and also to ensure that their antivirus software is always up-to-date.
0 comments:
Post a Comment
please leave a comment