Vulnerabilities have been found in current versions of Foxit and Xpdf readers as well. Patches are not yet available, so open unsolicited .pdf files with care.

A new round of website attacks is also exploiting un-patched web applications. These can be difficult to detect, because the malicious files have the same directory and file names as legitimate files. Most previous attacks re-directed visitors to malicious sites, but this attack actually insert the malicious code on the site, making cleanup more difficult.

This does not mean that the previous methods are being replaced. In fact, there has been a resurgence of these previous attacks as well.

This highlight the fact that the attack trends have shifted from operating system attacks to application attacks. Most users are not as diligent about patching applications as they are about patching their operating systems. When servicing client computers, it is just as important to check for application updates as it is to check for operating system updates.

Dennis H in West Virginia, US

October 20, 2009

Today is “Patch Tuesday”, and Microsoft will be rolling out a record number of critical (8) and important (5) patches. There is also a patch for a critical vulnerability in Adobe Acrobat Reader due for release today. Adobe coordinates their patches with Microsoft’s patches to make the second Tuesday of every month doubly important.

Checker for Compromised E-mail Accounts

Here is a useful tool. Anyone with an email account on Hotmail, Yahoo, Gmail, or AOL should take a moment to make sure their account was not one of the 40,000 or so that were compromised recently. The passwords for the compromised accounts have been released publicly.

It’s Only a Drop in the Bucket – But It’s a Start

The FBI’s Operation Phish Phry won’t make much of a dent in the proliferation of phishing scams that have invaded users’ inboxes, but at least some effort is being made to find and prosecute the criminals responsible. 100 arrests is a modest start, but a start nonetheless.

Dennis H in West Virginia, US

October 13, 2009

There is yet another vulnerability in Adobe PDF reader that has been revealed and there are known exploits in the wild. Warn clients about the risk of opening PDF files from unknown sources. Adobe has not yet issued a patch, but there is a third party patch available. It is quite unusual for a third-party researcher to issue a patch before the vendor. WAKE UP, Adobe!.

Dennis H – February 25, 2009