Security Advisor

Still No Fix from Microsoft for Growing Number of IE Exploits

Plus: An eighth of malware attacks come from USB devices, scareware instances are growing.

As of this week, IE has gone unpatched for more than a month.

Under normal circumstances, if an attack was widespread, Redmond would have likely issued an out-of-band patch for a critical exploit. However, due to the Thanksgiving holiday and a lack of urgency to respond to the problem that first surfaced with this security advisory entry, the problem is still out there.

Others in the security field may not agree with Microsoft's current stance.

Security experts say it's important that Microsoft release an IE patch for the last month of the year (or at least  fix  the previous "remote code execution" issue affecting all versions of the browser).

The need to patch IE cumulatively has credence, as just this week Verizon Business researchers said they had discovered "a previously undisclosed vulnerability," which allows attackers to bypass Protected Mode on both Internet Explorer versions 7 and 8.

That's two outstanding issues regarding multiple versions of IE as the year comes to a close. As Microsoft prepares its advanced bulletin this Thursday, an IE patch might be in order.

Windows AutoRun Targeted
Security shop Avast out of the Czech Republic says that one out of eight malware attacks occur through a USB device. The group says most attacks are targeting the Windows OS and, more specifically, the AutoRun function as a vector for incursion.

The company reported that of the 700,000 recorded attacks on computers in its own user community during the last week of October, 13.5 percent came via USB devices such as flash drives.

Windows AutoRun alerts computer users when a new device is connected and helps them choose which application should run the new files.

"AutoRun is a really useful tool, but it is also a way to spread more than two-thirds of current malware," said Virus Lab analyst Jan Sirmer. "The threat of USB-distributed malware is much more widespread than just the Stuxnet attacks on enterprise computers -- which were also spread via infected memory sticks."

Scareware Framework Prevalent in Pesky Trojan
Scareware is not new, but it's getting more and more common. Scareware is basically malware that comes with fake warnings that scares you into clicking on a function to run a scan of viruses on your computer, which triggers a malware incursion.

Microsoft recently looked into the evolution of Trojan:Win32/FakeSysdef, which is one such instance of a Trojan bug that hides behind a scareware greeting called "System Defragmenter." Redmond says the main goal is to trick users into buying software that does nothing, but also has them unwittingly surrender credit card information.

The phrase "System Defragmenter," which the nasty exploit hides behind, should be a red flag, as it doesn't even make any real sense; it's almost as if hackers tried to jam in too much technical jargon. Apparently, it's working on some folks.

Microsoft has posted screenshots of the offending scareware here.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

  • Microsoft Offers 1 Year of Free Windows 7 Extended Security Updates to E5 Licensees

    Microsoft is offering one year of free support under its Extended Security Updates program to Windows 7 users if their organizations have E5 licensing.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.