Security Market Segment LS
Wednesday, 26 November 2014 16:01

Unicorn goes wild - unpatched Windows gets the horn

By

A very old but only just fixed Windows vulnerability is the key to a new in-the-wild attack.

Security vendor ESET says it has detected a real-life exploit for a vulnerability that's been part of Windows for nearly two decades.

Microsoft recently fixed a Windows vulnerability that's exploitable through Internet Explorer. The vulnerability has been present since Windows 95, and the addition of VBScript to Internet Explorer made it remotely exploitable, despite the Enhanced Protection Mode sandbox in version 11, or the use of Microsoft's Enhanced Mitigation Experience Toolkit.

Because such vulnerabilities are so rare, this one was dubbed Unicorn by its discoverer, IBM's X-Force Research team.

Now security vendor ESET says it has detected the use of this vulnerability on a compromised page on a Bulgarian web site that Alexa ranks as one of the most visited sites in Bulgaria and one of the top 11,000 globally.

The company warns that the attack code - which is based on a proof of concept produced by a Chinese researcher - downloads and executes known malware.

ESET Research staff suggest that the presence of the code on just one of the site's pages could indicate that it is still being tested by the miscreants.

"It was only a matter of time before we started seeing this vulnerability actively used as part of a cybercriminal campaign," they said.

"Scouring our data, we found several blocked exploitation attempts while our users were browsing a major Bulgarian website.

"As you might have guessed, the compromised website was using CVE-2014-6332 to install malware on the computers of its unsuspecting visitors."

The solution: apply the patch to still-supported versions of Windows, and stop using older ones online. (That said, a comment on the IBM page about the discovery of the vulnerability suggests it may be possible to patch Windows XP by having it pose as Windows Embedded POS Ready 2009.)

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments