Wednesday, 07 January 2009
Home arrow Advertises arrow Vulnerabilities arrow Microsoft - Our Bugs Aren't The Only Problem
Security software
Anti spam tools
Anti spyware tools
Antivirus
Backup
Encryption
Firewall
Free software
Passwords managers
Popup ad blockers
Other
Other
Submit software
Security news
Security information
Contact us


RSS
Security software
Security software


Security software reviews
Newzsearch
Affiliate Programs
Hand guns
Criminal Defense Lawyer


Microsoft - Our Bugs Aren't The Only Problem
Sunday, 09 April 2006
Attacks that rely on "social engineering" tricks to fool users into visiting malicious Web sites are just as dangerous as any that exploit software vulnerabilities, a Microsoft security researcher argued this week. Attacks that rely on "social engineering" tricks to fool users into visiting malicious Web sites are just as dangerous as any that exploit software vulnerabilities, a Microsoft security researcher argued this week.

According to Matt Braverman, a program manager with Microsoft's Anti-Malware Technology Team, data from the group's Malicious Software Removal Tool shows that dupes are as crucial to attackers as bugs.

February's update of the Malicious Software Removal Tool -- the utility is refreshed on the same schedule Microsoft uses to release security patches -- discovered an unusually high number of Alcan.b worms on users' PCs.

Microsoft's cleaning utility runs on about 250 million computers each month, said Braverman, and after its Feb. 14 update, it detected Alcan.b on more than 250,000 machines, or one-tenth of one percent.

"[That was] easily the top detection for the month," said Braverman. "Compare this to the MyWife.e worm (aka CME-24), which we removed from approximately 40,000 computers in February.

Left unsaid by Braverman, however, was that Alcan.b harked back to mid-2005, while MyWife appeared in January 2006; the additional months could have allowed Alcan.b to silently accumulate on otherwise-unprotected PCs, since Microsoft's removal tool wasn't equipped to detect and delete the worm until February.

"Alcan.b does not exploit any software vulnerabilities. Instead, it spreads through popular peer-to-peer applications and its prevalence is likely due to effective social engineering," claimed Braverman.

Social engineering refers to the low-tech techniques fraudsters, attackers, and other criminals use to dupe Internet users into giving up identity information (phishing) or trick them into clicking on links to Web sites under all kinds of pretenses. Once at those sites, however, the users is often infected with worms, viruses, Trojans, adware, or spyware.

"Threats like this reinforce the idea that malware that exploits user weakness can be as dangerous as those threats which exploit software vulnerabilities," said Braverman.

Microsoft often posts social engineering requirements in its security bulletins as a way to downplay threats posed by flaws in Windows or its other software. The company's most-frequently-used phrasing is "An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site."

 
< Prev   Next >
[ Back ]
Security articles
  • Rootkits the new weapon for cyber criminals (q)
  • Sniffing (q)
  • Definition: PGP (q)
  • Cryptanalysis (q)
  • Backup Hints (q)
    • © 2004-2007 Daita.org