Monday, February 25, 2008

facebook and myspace attacked!

this is a disturbing piece of news. in this day and age when i thought that software security is at its best, hackers were able to penetrate Aurigma Inc.'s Image Uploader, the photo uploader used by facebook and myspace.

Attacks begin when users receive spam or an instant message with an embedded link, said Darren Kemp, the Symantec analyst who authored the advisory. The link takes users to a bogus MySpace log-in page, which tries to steal members' credentials as it also silently probes their computers for vulnerabilities in Uploader, Apple Inc.'s QuickTime, Windows and Yahoo Music Jukebox.

Symantec has been tracking attacks against the Aurigma vulnerabilities most of the month. More than three weeks ago, for example, another of its analysts reported seeing evidence of a new multi-exploit hacker toolkit -- presumably the same one analyzed by Kemp -- that included an Image Uploader attack.

Exploits against ActiveX controls are nothing unusual; scores of bugs in the Microsoft-made technology were uncovered and exploited in 2007, according to Symantec. It counted 210 ActiveX vulnerabilities in the first half of last year alone, a prime factor in making IE a popular attack target.

In fact, after the Uploader and Yahoo Music Jukebox vulnerabilities were disclosed, the U.S. Computer Emergency Readiness Team (US-CERT), which is part of the U.S. Department of Homeland Security, recommended IE users disable ActiveX.

Kemp, however, saw the social networking angle as just as important. "Given the growing popularity of social-networking sites like MySpace and Facebook, attacks leveraging vulnerabilities in their client-side components are not surprising," he wrote in the warning.

Symantec urged users to update the Image Uploader ActiveX control to version 4.5.57.1.

news by respected writer Gregg Keizer
source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9064298&intsrc=news_ts_head
