The fallout from DLL exploits is growing, as newly published research shows that binary planting bugs are not limited to Microsoft programs.
According to recently published lists, programs such as Mozilla Firefox and Adobe Photoshop have been added to the growing list of applications vulnerable to DLL bugs, which already includes Microsoft Word 2007, Microsoft Office Visio 2003, and Microsoft Office PowerPoint 2010. The DLL bugs, Microsoft says, are caused by applications passing an insufficiently qualified path when loading an external library. Of the 520 DLL exploits found by researchers at Acros Security, most were DLL file loading issues. The rest were due to insecure loading of executables such as .exe and .com files.
In a recent video post, CoreTrace’s Greg Valentine demonstrates how the base operating system is susceptible to the DLL hijack vulnerability, and how application whitelisting protects systems by blocking all attempts made by PowerPoint to execute corrupt DLL files.
With application developers still the ones responsible for fixing affected applications, one of the biggest challenges organizations face is knowing the number of applications that are potentially vulnerable to DLL bugs. On the other hand, networks protected by whitelisting solutions such as BOUNCER by CoreTrace aren’t hit with the extra time and resources needed to research and clean up applications impacted by malicious DLL files.
Recently, “MUTTS” at Offensive Security Training did an excellent video demonstrating the Metasploit exploit module for the “new” Insecure Library Loading vulnerability (2269637). Part of the title was “We can’t fix this one”. While I assume he meant we can’t fix the vulnerability, I wanted to show that we can prevent the attack itself.
The white flag is a universal symbol of truce, a ceasefire if you will. In war, or in this case the war against cybercrime, McAfee this week issued a sort of truce with its call to arms for the security industry to take the offensive against malware attacks. This action speaks volumes about the current state of the security industry. And we couldn’t agree more. If one of the world’s leading antivirus security software makers is saying that the cat-and-mouse game of trying to keep up with the record amount of malware seen in the first half of 2010 is not working, then we all need to sit up and listen.
Ever since malware writers swapped worldwide infamy for hefty profits, they’ve become a larger problem to deal with. And as the game of cat-and-mouse with antivirus software programmers continues, hackers remain one step ahead of their chief nemesis.
According to the article “‘Viruses Are Winning’: Malware Threat Outpaces Antivirus Software,” malware has not only gotten stealthier, it has multiplied in variety and volume at an unmanageable rate. According to Sean-Paul Correll, a threat researcher at Panda Security, in 2006 the number of malware samples was doubling year after year. By 2009, that number jumped to 25 million new strains, more than the previous 20 years combined.
An explosion of fresh customized malware continues to leave even the industry’s top security products lagging behind as organizations do everything they can to protect their networks and customers. Congress has even stepped up its efforts to pass legislation that better protects our digital and critical infrastructures from new cyber threats. But with more targeted attacks successfully exploiting enterprises, the question that remains is: Are we doing enough? Here are some of the top security stories from June 2010.