Security Watch

Security Alert Fake-Out

Symantec researchers tell us new "scareware" is circulating that pretends to send infected users a warning from Microsoft Security Essentials. Symantec said that the minute the malicious installer is executed on a computer, a fake MSE window pops up warning the user of an "Unknown Win32/Trojan."

Prompts then give the user the option to "Clean computer" or "Apply actions" and then once those buttons are clicked the migration of malicious code migrates over and the user gets a list of 30 or so security solutions allegedly in the process of scanning the file.

You have been warned.

Scareware Tactics
Microsoft begins the week investigating a "publicly disclosed vulnerability" in ASP.NET that the software giant says affects all versions of the .NET Framework. Redmond released a security advisory late on Friday to that effect.

The exploit, when triggered, can allow a hacker to view sensitive data in the .NET Framework in every supported OS. Specifically the hack can allow access to data to "View State," which was encrypted by the target server, or read data from files on the target server, such as web.config."

So far Microsoft says it isn't aware of any attacks. The company said it may release a patch through its regular monthly release cycle or provide an out-of-cycle security update, "depending on customer needs."

HTML5 and Security
Last week I visited San Francisco and grilled Microsoft execs about security for Internet Explorer 9, for which Microsoft released a beta version last week.

At the core of IE9's cool features is the burgeoning Web programming and code standard HTML5.

Microsoft has concurred with Google, Apple and others that as far as the future of Web graphics is concerned, HTML5 is in the top position for developers of Web programs, builders of Web sites and network administrators building Web-borne architecture.

The question remains as to how the new, fancy code stacks up security-wise. Better parsing for Web browsers and strong defenses against cross-site scripting have been named among HTML5's benefits.

But the biggest concern among all security experts is the fact that increased Web functionality can also mean an increased and enhanced attack surface.

HTML5 is going beyond simple data and media tags, and will also support new data formats and tags such as the "<canvas>" and "<video>" tags prominent in search engine optimization functions for multimedia files.

So this means that new generation browsers like IE9, which offer new layered browser sessions and utilize HTML5, will be vulnerable to file formats that are already corrupt and being loaded into the new HTML5-powered browser session.

A subset of this problem is that Javascript and imaging-related functions, as well as IE9's image parsers are known to be vulnerable to malicious code.

"Browsers have evolved substantially over time as they went from content delivery mechanism to the new generation of Web technologies which allow your browser to literally be an operating system for Web 2.0 applications," said Rob Juncker, vice president of technology for Shavlik Technologies. "This change in use-case has resulted in an explosion of attack vectors that the browser manufacturers must mitigate and manage."

As Juncker points out, hackers evolve just like browsers do.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • RAMBleed Side-Channel Attack Method Disclosed by Researchers

    Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

  • Penguin

    Windows 10 Preview Build 18917 Shows Off New Linux Integration

    Microsoft's latest Windows 10 "fast-ring" preview release is showcasing a coming Delivery Optimization enhancement, along with the ability to try the newly emerged Windows Subsystem for Linux version 2.

  • Customizing Microsoft Office 365

    While the overall look and feel of Office 365 is pretty standard across organizations, there are several ways to personalize it and make it fit better with your company's specific needs.

  • Microsoft 365 Business Tenants Getting Conditional Access and Trouble-Ticket Features

    Microsoft added its conditional access security service to Microsoft 365 Business subscriptions, according to a Wednesday announcement, and it also added new trouble-ticket features for Microsoft 365 administrators.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.