 |
Blog Archive |
- Multipoint Servers are your Small Businesses Future
- Swap File
- Buy Windows 7 PC, get Windows 8 Pro for $14.99
- Microsoft in 2019
- Windows XP End of Life
- XP RAM Upgrade
- 5 Tips to Reduce Web Threats Risks
- Protecting yourself on the Web
- Hassle Free IT!!
- Small Business Server 2011
- 10 indispensable iPhone apps for IT administrators
- Why we Patch Computers with Security Updates
- 6 tips to save time with Microsoft Outlook
- Hard Drives hard to find?
- U.S. Small Medium Business intend to purchase 3.6 million Ultrabooks
- 10 ways to future-proof your business
- VNet Professionals believes in Cloud Power
- Unlimited Online Backup
- Intel Cloud Computing 2015 Vision
- Merry Christmas 2011!
- Trick or treat? Jokingly or seriously, Halloween can Damage your PC
- PC User Scams to Watch Out For
- No more Windows XP on new PCs
- Windows 7, one year later: How’s Microsoft doing? And what’s next?
- Top 10 reasons VNet Professionals recommend Outlook 2010
- Security is not just Antivirus alone.
- Hispanic Business Showcase Seminar
- Microsoft DLL Hijacking Exploit in Action
- San Diego Business Connectors
- VNet Professionals at the San Diego County Hispanic Chamber of Commerce Mixer
- Small Business Server 2008
- 141 tech experts to follow on Twitter, updated for 2010
- Cloud, it’s a web thing
- Three arrested over 12.7m PC botnet
- The cloud slide Steve Ballmer should have shown
- Pay as you go computing: A viable way forward?
- Can your IT services firm handle your tech recycling or refurbishment needs?
- Is cloud computing hype, or something riskier?
- Why RAID 6 stops working in 2019
- Ten things we still don’t know about Microsoft’s next-gen Windows Phones
- Windows 7 setup secrets
- Microsoft offers Windows XP, Office XP users 50 percent discount to encourage upgrades
- 10 Linux features Windows should have by default
- Will Chrome netbooks really be competitive?
- Why “good enough” simply isn’t with laptops
- Nine ways IT can help organizations ‘go green’ and reduce paper consumption
- Your car, your hot spot and Ford’s tech utopia
- Patch Tuesday: Microsoft plugs IE ‘drive-by download’ security holes
- My Windows 8 wish list
- Microsoft ends discounted Windows 7 Family Pack deal (but maybe not for good)
- 10 Windows features I would like to see in Linux
- Windows 7 is less secure than Vista
- Microsoft and PC makers readying more Windows 7 systems for small businesses
- 5 Reasons to Refresh your PC in 2010
- Windows 7 compatibility problems? Microsoft might have an app (or service) for that
- Guide To Choosing An Honest, Reliable, and Competent Computer Repair Technician
- The 10 best IT certifications
- 5 security threats to watch in 2010
- Patch time for FreeBSD users as Zero-Day exploit is published
- Ruby on Rails becomes latest open-source offering to run on Microsoft’s Azure cloud
- Office Web Apps access comes to Windows Mobile, iPhone, Blackberry and more (with some caveats)
- Netbooks dead? Not when sales are up 264 percent
- Microsoft still working on an Adobe Lightroom competitor, but with a social twist
- Older PCs Costing You More Than You Think: The Financial Rewards of PC Refresh
- VMware Announces VMware View 4
- TOP 4 Reasons to outsource your IT Department
- ActiveBatch Job Scheduler Adds Integrated VMware Support
- What Windows7 could mean for Linux
- Exchange 2010 Official Release
- Survey: Cloud Interest GROWS triple-fold; cost may not be main factor
- Should you upgrade to Windows 7? Download the Upgrade Advisor
- Netbooks worth the upgrade to Windows 7? Heck yes!
- Microsoft chops prices of its hosted enterprise cloud offerings
- The 10 biggest failures in IT history
- Microsoft does a 180 on Exchange 2007 support (in a good way)
- 10 Mistakes that Rookie IT Consultants Make
- 10 ways to evaluate your IT management software
- Which antivirus is best at removing malware?
- The real pros and cons of server virtualization
- Vulnerability Management
- Clean install with Windows 7 upgrade media? Get the facts!
- Seven perfectly legal ways to get Windows 7 cheap…or even free
- Top 10 reasons to upgrade from Windows Vista to Windows 7
- Free Guide: Seven Tips and Tricks For Windows 7
- More Laptops Combine Core i7, Windows 7
- Managed services model requires commitment from all levels
- L.A. votes to “Go Google”; Pressure Shifts to Google and the Cloud
- SMBs: Save Time & Money with SaaS
- New Mexico State Attorney General’s Office Goes Google
- Microsoft Shipping Schedule
Microsoft DLL Hijacking Exploit in Action
KB: We can’t fix this one - Microsoft DLL Hijacking Exploit from Offensive Security on Vimeo.
The DLL load hijacking vulnerabilities exist in many Windows applications because the programs don’t call code libraries—dubbed “dynamic-link library,” or “DLL”—using the full pathname, but instead use only the filename. Criminals can exploit that by tricking the application into loading a malicious file with the same name as the required DLL. The result: Hackers can hijack the PC and plant malware on the machine.
“Microsoft plans to address those of our products affected by this issue in the most appropriate way for customers,” said Jerry Bryant, a group manager with the Microsoft Security Response Center, in a Tuesday entry on that team’s blog. “This will primarily be in the form of security updates or defense-in-depth updates.”
Although Microsoft again declined to call out its vulnerable software, outside researchers have identified as potential targets a number of its high-profile apps, including Word 2007, PowerPoint 2007 and 2010, Address Book and Windows Contact, and Windows Live Mail.
Other vendors’ software may also be at risk, including Mozilla’s Firefox, Google’s Chrome, and Adobe’s Photoshop.
Microsoft has known of the issue since at least August 2009, when researchers with the University of California Davis notified the company of their work. There’s evidence, however, of reports as far back as 2000, and attacks exploiting the flaw the following year, when the Nimda worm leveraged the bug in Office 2000.
HD Moore, chief security officer at Rapid7 and the creator of the Metasploit penetration testing toolkit, was the first to reveal the potential attacks when, on Aug. 19, he said he’d found 40 vulnerable Windows applications. Moore was followed by other researchers who claimed different numbers of at-risk programs, ranging from more than 200 to fewer than 30.
Some vendors have already patched the problem in their software. Both uTorrent and Wireshark, a BitTorrent client and network protocol analyzer, respectively, have been updated to address the bug.
Others are working on a fix. “We’re testing our own Firefox-specific fixes and plan to get them out to users soon,” Mozilla’s security team said in an e-mail reply to questions last week.
Even so, Microsoft said patches may be long in coming to some users. “We recognize that it may take quite a bit of time for all affected applications to be updated and for some, an update may not be possible,” Bryant admitted.
In lieu of patches, the blocking tool is the best defense, he continued. With that in mind, Microsoft plans to make the tool available “within the next couple of weeks” for downloading and deployment using Windows Server Update Services (WSUS), Microsoft’s most-used business patch management mechanism.
The company is also thinking about pushing the tool to everyone, including consumers, via Windows Update, although it would be switched off by default, said Bryant.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg’s RSS feed . His e-mail address is .(JavaScript must be enabled to view this email address).
