ARN
Windows zero-day flaw 'very dangerous,' experts say
With Vista at risk, eEye issues unofficial patch; attacks traced to Chinese hackers
Gregg Keizer (Computerworld) 02 April, 2007 08:20:29


And while Microsoft Thursday said Vista's version of IE7 protects users, eEye's Brown added that browser-based attacks aren't the only game in town. "I get the PR [public relations] angle they're going down, but there are all sorts of ways this can come in, including HTML e-mail. Vista's not immune."

Websense said in a separate alert that it had identified at least nine different sites hosting the animated cursor exploit as of last night. Dunham, of iDefense, could only narrow it to "multiple domains," but added that they point back to two hostile servers, both based in China.

Both iDefense and Websense pinned blame on known hacker groups. Dunham said his team had traced the attacks to the Chinese Evil Octal forum, a group using a server supposedly registered to the Guilin University of Electronic Technology in Guilin, Guangxi Province, People's Republic of China. For its part, Websense claimed a link between the newest attacks and the group responsible for hacking the Web site of Dolphin Stadium in Miami, Fla. -- the site of the 2007 Super Bowl -- just days before this year's game between the Indianapolis Colts and the Chicago Bears.

The next regularly scheduled Microsoft patch release date is April 10, more than a week and a half away. However, Microsoft has not yet committed to a fix date, much less to April 10. Thursday, a company spokeswoman would only say: "[We] will release an update for this issue at the conclusion of our investigation."

"The thing that really bugs me about this," said Brown, eEye's CEO, "is that it affects Vista. This is a known vulnerability that has a connection to a vulnerability patched in January 2005. I'm not sure what happened; maybe they checked in old code for Vista and then didn't fully check it against known vulnerabilities." More than two years ago, in its MS06-002 security bulletin, Microsoft credited eEye with providing information on a bug involving cursor, animated cursor and icon files.

"Worse, we know there are vulnerabilities that can be exploited in Vista to escalate privileges," said Brown. "All you need is access to the system, which this [animated cursor] provides." Once inside, said Brown, the attacker could raise rights from even a safer local user account to administrator privileges.

"Then, all bets are off."
