Read up on the latest ideas and technologies from companies that sell hardware, software and services. Wireless LANs: Is my enterprise at risk?
Did you GET the memo? Getting you from Web 1.0 to Web 2.0 Security
Agile in the Enterprise
Mobile Solutions Deliver Improved Efficiency to Star Track Express
Why Security SaaS Makes Sense Today
How to Beef Up Your Sales Pipeline
Understanding Email Marketing: A Guide for SMBs
Radicati Market Quadrant 2008 on Corporate Web Security
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
In the last two weeks, hackers have exploited an 18-month-old vulnerability in Microsoft Windows in three high-profile attack campaigns to infect PCs with advanced rootkits and launch infections from thousands of compromised Web sites.
Since Dec. 28, the same exploit has been used by attackers who jumped on the news of former Pakistani Prime Minister Benazir Bhutto's assassination, by attackers who earlier had hacked thousands of sites using a robotic SQL injection attack, and by the creators of a sophisticated master boot record rootkit invisible to Windows.
The exploit is for a bug within an MDAC (Microsoft Data Access Components) bug patched in April 2006 by Microsoft's MS06-014 security update. When Microsoft fixed the flaw, it issued updates for every version of Windows then supported, from Windows 2000 through Windows XP to Windows Server 2003.
Within days of the April 2006 release of a fix, hackers had come up with a working exploit. And it's been in continual use since then, said Roger Thompson, chief research officer of Grisoft SRO. "It's popular because it really works," Thompson said as he explained why he thought the exploit remained popular. "It doesn't require a special version of Windows, it works with them all except Vista, and it doesn't require anything else, like a specific version of Internet Explorer.
"And it's also easy to tweak," he said.
The combination has proven irresistible. "It's a 'good' exploit," Thompson said, meaning 'bad' for users. "It's in all the exploit packages for one thing."
Attack kits like Mpack, Icepack and Neosploit have become popular with cyber criminals, especially technically-challenged crooks, because they can simply point-and-shoot one or more exploits at victims from malware hosts or compromised Web sites.
"[MS06-014] is as common as can be," said Thompson, so it's no surprise that the exploit has shown up in several recent attacks. "The reality of it is that if you're not patched, it works like a charm. And a lot of people aren't patched, or [the attackers] wouldn't be using this."
Other notable attacks that have relied on the MDAC exploit include the hijacked Bank of India site in August 2007, and the one launched from the hacked Web site belonging to the Miami Dolphins NFL team last February, just days before the Dolphin's stadium hosted Super Bowl XLI.
Computerworld Member Login
Prioritizing Services with IT Service Management (ITSM)
Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)
To be repeated on:
Thursday 4th, September 2008
11:00am EST (Sydney Australia)
Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.
Attend and discover:
- How to deliver value to your business through ITSM
- Best practice ITSM implementation
- Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
- If service-oriented ITSM is best for your business
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Tumbleweed appoints O2 Networks to its Australian Channel Partner Program 2008-08-29 12:31:00+10
HP ProCurve Brings Big Business Gigabit Switching Features to Small Businesses 2008-08-29 12:00:00+10
Nortel and LG Electronics are First in World to Demonstrate Mobile LTE Handover 2008-08-29 11:30:00+10
GlobalConnect Provides Treatment for Healthcare Provider’s Contact Support Requirements 2008-08-29 09:59:00+10
Sybase and Logica Partner To Mobilise The Supply Chain 2008-08-29 09:47:00+10
The Next CIO is You
The revolution is underway. Market dynamics are fanning the flame of change and innovation. Business is ultimately only as good as its IT organization. And an IT organization is only as good as its CIO. Read on to discover the revolution changing the role of the CIO. Are you on board?
