Security Advisor

Still No Fix from Microsoft for Growing Number of IE Exploits

Plus: An eighth of malware attacks come from USB devices, scareware instances are growing.

As of this week, IE has gone unpatched for more than a month.

Under normal circumstances, if an attack were widespread, Redmond would likely have issued an out-of-band patch for a critical exploit. However, because of the Thanksgiving holiday and a lack of urgency in responding to the problem, which first surfaced with this security advisory entry, the problem is still out there.

Others in the security field may not agree with Microsoft's current stance.

Security experts say it's important that Microsoft release an IE patch for the last month of the year (or at least fix the previous "remote code execution" issue affecting all versions of the browser).

The need to patch IE cumulatively has credence, as just this week Verizon Business researchers said they had discovered "a previously undisclosed vulnerability," which allows attackers to bypass Protected Mode on both Internet Explorer versions 7 and 8.

That's two outstanding issues regarding multiple versions of IE as the year comes to a close. As Microsoft prepares its advanced bulletin this Thursday, an IE patch might be in order.

Windows AutoRun Targeted
Security shop Avast out of the Czech Republic says that one out of eight malware attacks occurs through a USB device. The group says most attacks are targeting the Windows OS and, more specifically, the AutoRun function as a vector for incursion.

The company reported that of the 700,000 recorded attacks on computers in its own user community during the last week of October, 13.5 percent came via USB devices such as flash drives.

Windows AutoRun alerts computer users when a new device is connected and helps them choose which application should run the new files.

"AutoRun is a really useful tool, but it is also a way to spread more than two-thirds of current malware," said Virus Lab analyst Jan Sirmer. "The threat of USB-distributed malware is much more widespread than just the Stuxnet attacks on enterprise computers -- which were also spread via infected memory sticks."

Scareware Framework Prevalent in Pesky Trojan
Scareware is not new, but it's getting more and more common. Scareware is basically malware that comes with fake warnings that scare you into clicking on a function to scan your computer for viruses, which triggers a malware incursion.

Microsoft recently looked into the evolution of Trojan:Win32/FakeSysdef, one such instance of a Trojan that hides behind a scareware greeting called "System Defragmenter." Redmond says the main goal is to trick users into buying software that does nothing, while also having them unwittingly surrender credit card information.

The phrase "System Defragmenter," which the nasty exploit hides behind, should be a red flag, as it doesn't even make any real sense; it's almost as if hackers tried to jam in too much technical jargon. Apparently, it's working on some folks.

Microsoft has posted screenshots of the offending scareware here.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

