Hackers target APAC Windows vulnerability

Close to 70 per cent of Windows-based PCs are vulnerable to this attack: Websense

Websense estimates that close to 70 per cent of Windows-based PCs are vulnerable to attack, by a zero-day exploit.

The vulnerability allows attackers to execute code on a machine when the user visits a malicious website.

This can happen when the user is tricked into clicking a link in an email or via compromised legitimate websites.

Websense senior security research manager Carl Leonard said the discovery suggests that the hackers were using this exploit to specifically target companies in APAC.

“Websense estimates that close to 70 percent of Windows-based PCs are vulnerable to this exploit,” he said. “Given the huge attack surface, the actors behind these campaigns are racing to target companies before a patch becomes available.

“We anticipate that as more information of this zero day comes to light, the exploit will be weaponised and packaged into exploit kits rapidly, greatly increasing the number of attackers with access to this exploit.

But Leonard said all was not lost as they generally fell into an attack pattern.

“When you take the approach of looking at the entire attack chain for suspicious behaviour, rather than waiting and hoping to catch something on the last step of the process, you have many more opportunities to spot and disrupt an attack - even if it's malware you've never seen before," he said.

“Websense strongly encourages IT administrators to install the Microsoft FixIt patch to stop the vulnerability while waiting for a formal patch from Microsoft.”

FILL IN THE SURVEY - AND YOU COULD BE A WINNER: ARN wants to hear from YOU. Tell us how you run a successful business and you could win an adrenaline-fuelled adventure of your choice. COMPLETE THE ARN SURVEY.

Tags hackersWindowszero-day vulnerabilitywebsense

More about APACMicrosoftWebsense

ARN Directory | Distributors relevant to this article

Comments

Comments are now closed

 

Latest News

04:18PM
Federal Goverment prepares new laws to tackle cyberbullying on social media
03:40PM
Myriad IT puts charitable fund in the Cloud
01:40PM
Mobile Manufacturers Forum backs Telstra’s initiatives for disabled Australians
11:34AM
Telco complaints hit six-year low
More News
17 Sep
NetSuite: The ROI of Cloud Computing for VARs
17 Sep
SAP HR Connect
18 Sep
How the shift to subscription-based licensing is introducing new risks that ever...
18 Sep
National Data Centre Roadshow - Canberra
View all events