Zero-day exploit targets European website

SECURITY

|
Image: By BiztechAfrica
Zero-day exploit targets European website

Sophos is advising computer users and administrators to exercise caution following the discovery of an as-yet unpatched security vulnerability in Microsoft software.

SophosLabs determined that the website of a European aeronautical parts supplier - which is currently not being named due to the sensitivity of the situation - had been hacked, and a malicious attack planted on the website which exploits a zero-day Microsoft security vulnerability.

Sophos was alerted to the security problem when a Sophos customer attempted to visit the affected website, and received a warning message that a file on the site was infected by code which attempts to exploit a vulnerability in Microsoft XML Core Services which could allow Remote Code Execution - a vulnerability known as CVE-2012-1889 - which has been linked to recent warnings from Google about 'state-sponsored attacks'.

"One way that hackers break into large companies and organisations is to target their supply chain. Rather than try to hack a company which may have robust security practices and security teams, they can instead attack a smaller supplier who is less likely to notice the security breach," says Brett Myroff, CEO of Sophos distributor, NetXactics.

Users running any flavour of currently-supported Windows are vulnerable, from XP, up to and including Windows 7. All supported editions of Microsoft Office 2003 and Microsoft Office 2007 are also vulnerable. At the time of writing there is not yet an official patch from Microsoft - but the company recommends that Internet Explorer and Microsoft Office users immediately install a Fix it solution, downloadable with instructions from Microsoft Knowledge Base Article 2719615, until the company issues an official fix.

"Users should not underestimate the seriousness of this vulnerability. It's being actively exploited in the wild, and there is currently no patch available for it.

“Sophos has raised its threat level rating to 'Critical'. Sophos does provide protection against the exploit - but the best solution of all would be to have a proper fix from Microsoft,” Myroff says.

 

 



Share the News

Get Daily Newsletter

comments powered by Disqus

MORE SECURITY NEWS

Kaspersky Lab: Emerging Threats in the APT World - Predictions for 2015

Kaspersky Lab experts have released a list of the top emerging threats in the APT world. Read More

“Visibility Void” represents potential threat to enterprises

Companies must stay on top of a growing pool of cyber-threats says Andrew Potgieter, security solutions director at Westcon.   Read More

The hackers’ bounty - how much do cybercriminals make from innocent users?

Cybercriminals could be raking in profits 20 times greater than the cost of their attacks, according to figures compiled by Kaspersky Lab experts.  Read More

Don’t get hacked this holiday

Public Wi-Fi isn’t as safe as you might think, warns Eset. Read More

Regin: a malicious platform capable of spying on GSM networks

Kaspersky Lab’s Global Research and Analysis Team has published its research on Regin – the first cyber-attack platform known to penetrate and monitor GSM networks in addition to other “standard” spying tasks.  Read More

Security a top priority as Africa moves to LTE

Securing the network is a top priority for telcos and carriers as LTE becomes increasingly mainstream across Africa, says Fortinet. Read More

Barclays ropes in ICT taskforce in anti-fraud war

Barclays Bank of Botswana (BBB) has roped in experts in the field of Information Technology and cybercrime to give weight to its annual fraud awareness month. Read More

Kaspersky Lab: Most businesses use third-party services to manage virtualisation

Less than one-third of businesses keep their virtualisation servers on-premises and managed entirely by their own internal IT staff, according to a Kaspersky Lab survey of 3,900 IT professionals worldwide.  Read More

Cisco: Employee complacency increases risk

Kian Ellens Research released by Cisco shows that critical company data is at risk in South Africa as a result of organisations focusing IT security policies and resources more on external threats and not enough on the threat from within.    Read More

Cyber security workshop set for Wednesday

The African Cyber Risk institute (ACRI) will host a cyber security conference in Gaborone on the 29th of October.  Read More

PRESS OFFICES

Sage ERP AfricaSAP AfricaSage Pastel AccountingTrust PayVMWareSamsung ElectronicsMitsumi DistributionPhoenix DistributionMTN BusinessSchneider ElectricMultichoice

FEATURED STORY

PWC: Optimism abounds but a bumpy journey ahead for somePWC: Optimism abounds but a bumpy journey ahead for some

PwC’s ‘Capital Projects & infrastructure in East Africa, Southern Africa and West Africa,’ report says infrastructure spend in the region is projected to reach $180bn per annum by 2025.

IN DEPTH

Africa lags on digital migration Africa lags on digital migration

Only three African countries have so far completed the digital migration process, and serious issues are hampering the migration in other nations.