
Another IE Bug

  • Posted: April 29, 2006
  • Author: Virus analysis staff

Yet again, a new IE bug has been discovered. The advisory for the new bug is already posted on Secunia.


“The vulnerability is caused due to an error in the processing of certain sequences of nested ‘object’ HTML tags.”


This can be exploited when a user visits a malicious website, and it has been confirmed to work on Internet Explorer 6.0 on Windows XP SP2.



Web Attacker toolkit on the rise

  • Posted: April 26, 2006
  • Author: Virus analysis staff

The Web Attacker toolkit costs just $15 and is offered by a Russian website, according to an article by The Register. Today we received a list of sites that use this toolkit, and according to this list, approximately 800 sites use the Web Attacker toolkit. Unwary users who stray onto these sites may find themselves exposed to JavaScript code. This code then attempts to take advantage of known web browser and Windows vulnerabilities in order to find new homes for malware ranging from keyloggers to banking trojans or even backdoors.


The kit can even determine which browser the visiting user is using and, depending on the version, will use one of seven different exploits.


Because of the low price of this toolkit, we may see even more sites making use of it. We are warning users to be very cautious. Links to these sites may be spammed, advertised, or whatever; we strongly recommend updating machines with the latest patch.



*Possible* PowerPoint Trojan Exploits MS06-012

  • Posted: April 26, 2006
  • Author: Virus analysis staff

A cute PowerPoint trojan (it even has a cartoon picture of a girl petting a cat) is currently making the rounds on the net. The PowerPoint file sends a good message about loving your work. The catch? It has an embedded exe file in it which gets dropped *possibly* via the MS06-012 vulnerability (we’re still verifying the actual exploit used, but it *seems* to be MS06-012).


When the PowerPoint file is run, nothing out of the ordinary actually happens. But once the user is done reading the message and closes the presentation, a temp file is created and executed, leaving two dropped files in the process:



  • %systemdir%\wbem\wmiadapt.exe and
  • %systemdir%\systhin.dll

Well, there is one sure way of defeating this trojan, though: UPDATE your Windows systems.



“An Open Letter to Security Vendors”

  • Posted: April 24, 2006
  • Author: Virus analysis staff

Yes, obviously a copy-pasted title, and this one is from PC Magazine.


To summarize, the author discusses what security vendors should do, and how, in order to keep Microsoft at bay (coming from an end user, that is).


And oh, a quote:


“Trend Micro has all the right tools in the box, but its antispyware component is a major disappointment.”


But hey, our antispyware is still improving and will improve (of course!). And we have “all the right tools in the box”. Still, not a bad description and plus-points for us.


Read it here.



Don’t Be Gullible: Social Engineering Revisited

  • Posted: April 21, 2006
  • Author: Virus analysis staff

Vulnerabilities and exploits aside, most security attacks succeed because of the supposed weakest link in the system: the human users (yes, that’s us).


Because of social engineering, a worm variant masquerading as a harmless email attachment is most likely to be opened and executed not because it runs on its own, but because it tricks the user into running it. Gullibility then becomes the key to security breaches.


So don’t be gullible. Read more about social engineering here.



More Vulnerabilities on Apple OS X

  • Posted: April 21, 2006
  • Author: Virus analysis staff

Yeah, you know what I mean. After Apple updated OS X 10.4.5 to OS X 10.4.6, which addressed critical security vulnerabilities, other possible vulnerabilities have been found in the updated OS X. A guy by the name of Tom Ferris claims to have found the following vulnerabilities in the updated OS X.



  • Apple OS X 10.4.5 .tiff “LZWDecodeVector ()” Heap Overflow
  • Apple OS X BOM ArchiveHelper .zip Heap Overflow
  • Apple OS X Safari 2.0.3 Multiple Vulnerabilities
  • Apple OS X 10.4.6 “ReadBMP ()” .bmp Heap Overflow
  • Apple OS X 10.4.6 “CFAllocatorAllocate ()” .gif Heap Overflow
  • Apple OS X 10.4.6 .tiff “_cg_TIFFSetField ()” DoS
  • Apple OS X 10.4.6 .tiff “PredictorVSetField ()” Heap Overflow

The first vulnerability was patched in OS X 10.4.6; however, the other vulnerabilities are claimed to be unpatched in Apple OS X 10.4.6, though they have already been reported to Apple.


All of these have been reported to product-security@apple.com around the beginning of this year. From what I have been told, they “will be fixed in the next security release”.


See the following link for the original article.



  • http://security-protocols.com/

By the way, users who haven’t patched their OS X machines are advised to update to Apple OS X 10.4.6. You may visit Apple’s update page here.



Busy April 21

  • Posted: April 21, 2006
  • Author: Virus analysis staff

Yesterday was a busy day for TMIRT engineers; our email honeypot is still being flooded by mail from the following email-propagated malware:

  • WORM_MYTOB.PR
  • WORM_MYTOB.PQ
  • TROJ_LINEAGE.ALD
  • TSPY_GOLDUN.EI
  • TROJ_DLOADER.DAY

Rest assured, all 5 have already been processed by our service team, and proper solutions for them will soon be available.



It’s a Mytob Month

  • Posted: April 20, 2006
  • Author: Virus analysis staff

Apparently it is: there have already been 10 cases of MYTOB worms since April 8, the latest of which is WORM_MYTOB.PZ (currently making the rounds). But there really is no need to worry; the sample has already been sent to our very capable service team, and solutions for the latest WORM_MYTOB are currently being made and will be available soon.


Ten Infamous Moments in Security Research

  • Posted: April 19, 2006
  • Author: Virus analysis staff

According to InformationWeek, that is.




  1. SQL Slammer
  2. Windows Plug and Play
  3. Cisco IOS heap overflow
  4. Windows Metafile
  5. Oracle transparent data encryption
  6. Oracle PLSQL gateway
  7. Apple Mac iChat
  8. Internet Explorer createTextRange()
  9. Internet Explorer HTA files
  10. Sendmail SMTP server software

No doubt these are noteworthy events, but distilling “infamous moments” in security research down to just 10 tends to leave out other significant ones. As some security blogs (OSVDB) point out, “initial discovery/disclosure of vulnerability classes (Overflow, XSS, SQL Injection) seem like they would big moments.” Moreover, the “list seems to be very centered around the last couple of years.”


Personally, I would like to add these.



  1. RPC-DCOM bug (MS03-026) – bots love this
  2. LSASS bug (MS04-011) – bots also love this
  3. IIS IDA/IDQ ISAPI Filter Buffer Overflow (MS02-010) – later exploited by Code Red
  4. PHP remote file inclusion vulnerability – not a bug in PHP per se, but in applications written in PHP. This bug class left a lot of Linux/Unix systems running affected PHP applications vulnerable. Most of the Linux bots found these days use some form of this vulnerability to spread.

These are off the top of my head. Of course, there are a lot of others that I’ve missed. But then again, adding more would make the list longer than 10, which would defeat the purpose of the original article.



Oracle Quarterly Patch

  • Posted: April 19, 2006
  • Author: Virus analysis staff



Yes, it’s time for Oracle’s quarterly patch, and before I leave my post I just wanted to remind Oracle product users: you may need to patch your software in order to avoid attacks on known vulnerabilities that may have been patched by Oracle’s developers. Visit the following link for the updates:



  • www.oracle.com/technology/deploy/security

You can also check at that link whether you need to update your Oracle software.


  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.