When you are a sysadmin there is nothing like waking up to not one, but two troubling bits of news. The first one centers on a new and fun zero-day vulnerability that affects just about every version of Windows that Microsoft still supports. Dubbed Sandworm by iSight, the security firm that discovered it, this bug exploits yet another flawed internal mechanism in Microsoft’s OS.
A couple of days ago we posted a story about a group of developers who complained to Valve about its lack of a bug bounty. Their complaint implied that having a form of reward would make people want to identify and report bugs and exploits in a timely manner. On the surface that would seem to make sense, but there is a flip side to this line of thinking. There will also be times when people will wait to report something to ensure they get the most money out of their efforts.
To say I am leery of The Cloud would be to make a very mild understatement. Ever since the first true cloud services hit the market (and were hacked) I have been concerned with the continued push to get more people on board while little attention is paid to actually securing these services and the user data they contain. In a conversation I recently had, I brought up the fact that we are only in June and already have had 7 major breaches. Security (or the lack of it) is a big issue, yet we do not see the companies building and selling “The Cloud” making the changes needed to protect what is already out there.
-43 days. That is how long Windows 8 lasted before a major malware tool was released for it. Windows 8 is not even official and there is already a major exploit kit that covers it. Earlier today cyber criminals announced the launch of Black Hole 2. The original exploit kit has been used in more than a few pieces of malware since it was first launched in Beta format in late 2010. The exploit kit is offered almost like a cloud service (which brings us back to irony). You have to lease access to it so you can develop your malware. The pricing is pretty with a year lease going for only $1500. Despite the success of this exploit kit, like all enterprises you must grow or die.
It looks like there is a new exploit out for Microsoft’s Internet Explorer (all versions) which affects people running everything from XP to Windows 7. The security issue was not patched with the last round of Microsoft patches (called Patch Tuesday), so it remains an active and open security hole. According to Microsoft Security Advisory 2719615, there is a flaw in their XML Core Services that can allow an attacker to execute arbitrary code at the same level of permission as the logged-in user.