Skip the navigation
News

Virus writers are picking up new Microsoft attack

By Robert McMillan
July 22, 2010 08:40 PM ET

IDG News Service - The Windows attack used by a recently discovered worm is being picked up by other virus writers and will soon become much more widespread, according to security vendor Eset.

Eset reported Thursday that two new families of malicious software have popped up, both of which exploit a vulnerability in the way Windows processes .link files, used to provide shortcuts to other files on the system.

The vulnerability was first exploited by the Stuxnet worm, discovered on computer systems in Iran last month. Highly sophisticated, Stuxnet targets systems running Siemens industrial control system management software. The worm steals SCADA (supervisory control and data acquisition) project files from Siemens' computer systems.

Siemens issued a Security Update for its customers on Thursday, but Microsoft has yet to patch the Windows bug that permits the worm to spread.

The newly discovered malware is "far less sophisticated" than Stuxnet and "suggests bottom feeders seizing on techniques developed by others," said Eset researcher Pierre-Marc Bureau, writing in a blog post.

One of the new samples installs a keystroke logger, a tool hackers use to steal passwords and other data, on the victim's computer. "The server used to deliver the components used in this attack is presently located in the US, but the IP is assigned to a customer in China," Bureau said.

The other variant could be used to install one of several different pieces of malicious software.

As each new variant of the attack pops up, it adds pressure on Microsoft to patch the underlying vulnerability. Microsoft's next set of security patches is due Aug. 10, but if enough customers get infected, the company may be forced to rush out an emergency patch for the issue.

Microsoft has already posted a temporary workaround to the problem and says it is working on a patch.

Right now, the Stuxnet worm makes up a very tiny volume -- less than 1/100th of a percent -- of the malware that Eset is seeing on the Internet, said Randy Abrams, Eset's director of technical education, in an interview.

However that's likely to change. "It's likely to become one of the most prevalent attack vectors," he said. "I expect that within a few months, we'll see hundreds if not thousands of pieces of malware using the link vulnerability."

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Reprinted with permission from IDG.net. Story copyright 2010 International Data Group. All rights reserved.
Additional Resources
Forrester Consulting - Optimizing Users and Applications in a Mobile World
WHITE PAPER
Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Network Security White Papers
Overcome Top 7 Admin Challenges of Active Directory
As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
Insiders Can Ruin Your Company. Take Action.
Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
Streamline Compliance and Increase ROI
Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
X-Ray of the PCI Process-4 Proactive Steps
This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into...
All Network Security White Papers
Network Security Webcasts
Try the OptiView® XG on your network - FREE
The OptiView® XG is the first dedicated tablet with automated network and application analysis -- fastest way to root cause. XG raises the...
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
All Network Security Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs