Hackers Tunnel In Via DirectShow
Plus: Obama names fed ITSec chief; QuickTime, iTunes fixed; Twitter users targeted yet again.
As Microsoft steps up its security efforts for its products, it seems that hackers are just as fervent in their pursuits.
For the third time in as many months, Microsoft has issued an out-of-band, critical security advisory for remote code execution exploits on one of its products. This time, there's a bug in DirectShow, meaning that any browser utilizing a multimedia plug-in relying on DirectShow is also vulnerable.
According to a recent Microsoft Security Response Center blog post, hackers are using malicious QuickTime files to hijack PCs, with DirectShow as the conduit.
"The vulnerability could allow remote code execution if [the] user opened a specially crafted QuickTime media file," the company said in the advisory. "Microsoft is aware of limited, active attacks that use this exploit code."
Former Microsoft Security Honcho Joins Feds
The U.S. Department of Homeland Security on Tuesday named former Redmond cyber security manager and policy wonk Phil Reitinger as director of the National Cyber Security Center. Reitinger succeeds Rod Beckstrom and, according to the DHS, is charged with "collecting, analyzing, integrating and sharing cybersecurity information across all the federal agencies."
Reitinger was once both a director and senior security strategist with Microsoft's Trustworthy Computing Security Team, after having been Executive Director of the Department of Defense's Cyber Crime Center.
Reitinger's appointment comes on the heels of a major initiative by the Obama administration to at least scratch the surface in figuring out what the domestic and global challenges in IT security are for the public and private sectors.
In that announcement, Obama also announced a new White House position to be filled, called the cybersecurity coordinator. There's no word on how instrumental Reitinger will be in a process that will involve many cooks in the proverbial IT security pro kitchen as the process goes forward.
Apple, RIM Patch Flaws
Apple issued patches for QuickTime and iTunes. The updates, first released on Monday, are designed to remedy at least 10 QuickTime holes and one vulnerability in iTunes. Apple said the flaw transcends the aisle, affecting both Windows and Mac-based versions of QuickTime 7.6.2 and iTunes 8.2.
Research in Motion Ltd. rolled out a patch for another flaw in its BlackBerry Enterprise Server's attachment service. Apparently the snafu with potentially malicious .PDF files continues to plague the hardware maker.
A year ago, RIM issued a similar patch to stop malicious code that was distributed via a cluster of updates to BES systems. Like that patch, the most recent one is designed to fix a bug in BlackBerry's attachment download mechanism, which enables users to open up documents from the mobile device.
As enterprise use of Adobe or other PDF-type files on BlackBerry devices grows, this will no doubt be an issue that RIM will continue to grapple with and try to fix every time it occurs.
Twitter "Twoubles" Continue
I'm plumb out of witty "twitterisms" to describe the ongoing security breaches on the popular micro-blogging and social networking site. But incursion incidents are nonetheless still occurring. Late last week, Twitter users were again being duped into disclosing login and password details to a Web site called TwitterCut that takes their information and then spams a given user's "followers" with messages disguised as if they were coming from the compromised user profile.
Security vendor F-Secure opines that the TwitterCut homepage looks so similar to the real login page that users logged in and immediately found out they'd been had.
The hosts of TwitterCut claim they had no ill intent and were instead trying to utilize Twitter as an avenue to create followers quickly and leverage hits and viewership for online ad sales purchases. TwitterCut's creators claim they procured the Twitter login script for 50 bucks. The site has nonetheless been marked by Microsoft and others as a malicious Web site and will show up in IE and other browsers as such.
Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.