Zero-day exploit targets European website
SECURITY| June 22, 2012, 10:02 a.m.
Sophos is advising computer users and administrators to exercise caution following the discovery of an as-yet unpatched security vulnerability in Microsoft software.
SophosLabs determined that the website of a European aeronautical parts supplier - which is currently not being named due to the sensitivity of the situation - had been hacked, and a malicious attack planted on the website which exploits a zero-day Microsoft security vulnerability.
Sophos was alerted to the security problem when a Sophos customer attempted to visit the affected website, and received a warning message that a file on the site was infected by code which attempts to exploit a vulnerability in Microsoft XML Core Services which could allow Remote Code Execution - a vulnerability known as CVE-2012-1889 - which has been linked to recent warnings from Google about 'state-sponsored attacks'.
"One way that hackers break into large companies and organisations is to target their supply chain. Rather than try to hack a company which may have robust security practices and security teams, they can instead attack a smaller supplier who is less likely to notice the security breach," says Brett Myroff, CEO of Sophos distributor, NetXactics.
Users running any flavour of currently-supported Windows are vulnerable, from XP, up to and including Windows 7. All supported editions of Microsoft Office 2003 and Microsoft Office 2007 are also vulnerable. At the time of writing there is not yet an official patch from Microsoft - but the company recommends that Internet Explorer and Microsoft Office users immediately install a Fix it solution, downloadable with instructions from Microsoft Knowledge Base Article 2719615, until the company issues an official fix.
"Users should not underestimate the seriousness of this vulnerability. It's being actively exploited in the wild, and there is currently no patch available for it.
“Sophos has raised its threat level rating to 'Critical'. Sophos does provide protection against the exploit - but the best solution of all would be to have a proper fix from Microsoft,” Myroff says.
MORE SECURITY NEWS
RSA research reveals blind spots in threat detectionRSA, The Security Division of EMC, has released the results of a new Threat Detection Effectiveness Survey. Read More
Banking security in Africa reaching a tipping pointEntersekt CEO Schalk Nolte looks at the growing security risks for banks and financial institutions in Africa and explains why complacency is no longer an option. Read More
Nigeria loses N127bn to cyber thievesBetween 2013 and 2014, the activities of criminals who chose the cyber space as their platform of operation has cost Nigeria a whopping N127billion. Read More
Staying one step ahead of information security threatsThe need to continually adapt to an increasingly hostile environment has resulted in a significant change from the familiar security measures that kept us “comfortable” a mere five years ago. Read More
ESET warns of new Facebook threatESET has warned of malicious links being sent to Facebook users under the title: “My video”, “My first video”, or “Private video”. Read More
What you need to know about WhatsApp’s end-to-end encryptionUsers of the instant messaging service WhatsApp will now benefit from more secure conversations after the company announced it has turned on full end-to-end encryption. Read More
Arbor Networks’ on-premise DDoS solution wins gold for best security hardwareArbor Networks Inc., the security division of NETSCOUT (NASDAQ: NTCT), has announced that Info Security Products Guide, the industry’s leading information security research and advisory guide, has named Arbor Networks as the winner of four of its Global Excellence Awards. Read More
Students unveil fingerprint car starting moduleIt is often said that necessity is the mother of inventions and this may be deemed true with finger print motor starter, a new innovation from Uganda developed by software engineering students of Makerere University. Read More
Remember governance in the rush to next generation platformsEnterprises are actively looking to next generation application and analytics platforms, but they need to be aware that the platforms alone cannot assure quality data and effective data governance, warns KID. Read More
Forgot password? Behaviour metrics authentication in mobile devicesRSA, The Security Division of EMC, says the future is truly about choice and providing secure authentication that makes it easy for users to comply with security policies. Read More
FEATURED STORYNigeria satellite resources to boost economic growth
The Management of NigComSat says Nigeria’s satellite resources are primed to help the nation in accelerating robust ICT infrastructure to boost economic development for the country.
BEST READ NEWS
IN DEPTHIBM Opens First Cloud Data Centre in South Africa
IBM is opening a new IBM Cloud Data Centre in Johannesburg, South Africa. The new cloud center is the result of a close collaboration with Gijima and Vodacom and is designed to support cloud adoption and customer demand across the continent.
COMPANY NEWSRSA research reveals blind spots in threat detection
RSA, The Security Division of EMC, has released the results of a new Threat Detection Effectiveness Survey.Networks Unlimited event highlights SimpliVity's new Omnistack Software
Leading data protection focused distributor invites hyperconverged vendor to discuss disaster recovery and data protection.MTN and Ericsson lead the way with first LTE-U network
To future proof its business, MTN SA, together with Ericsson, has successfully trialled LTE-Unlicensed (LTE-U) at MTN’s flagship channel store in Morningside, Johannesburg.