    Patch Tuesday… Exploit Wednesday

    Some industry experts have coined a new term – “exploit week” – for the days following the release of a Microsoft Security Bulletin. Very fitting, considering that for the past couple of months, new zero-day exploits and undetermined vulnerabilities have been released days after Microsoft has posted its patches, which themselves serve as fixes for previous zero-day exploits that were released days before… well, you get the picture.


    One day after Microsoft’s special Security Bulletin release concerning the VML vulnerability – which, by the way, caused so much hullabaloo that ZERT, a third-party organization, even released an unofficial patch for it – two new zero-day exploits were detected by Trend Micro. The first is TROJ_PPDROPPER.L, which takes advantage of a vulnerability in MS PowerPoint to drop and execute a backdoor. Hours later, a proof-of-concept HTML file detected as HTML_IESLICE.A was discovered, taking advantage of a new vulnerability in Internet Explorer (as if the security industry doesn’t have its hands full with the other IE exploit already…) that could allow remote attackers to execute possibly malicious code on an affected system.


    Gone are the days when exploit code was released after the vulnerability patch was made available. Remember the MSBLAST, SASSER, and ZOTOB worms? They wreaked such havoc during their time, yet they were not released in the wild until at most a week after Patch Tuesday. Now, it seems that the trend is to chase after exploit code – and by “chase” it usually means users have to wait 30 more days for the patch (and even that is not always a sure thing). It seems that from being proactive, Microsoft is becoming reactive.


    This poses a question: is Patch Tuesday still relevant? Granted, Microsoft has to follow a strict schedule for various reasons… but would it be better if they released fixes as soon as a bug is discovered? And with the emergence of ZERT – which aims to provide patches for vulnerabilities deemed threatening to information and system security – what, then, would Microsoft’s role be other than that of an official patch distributor?


    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice