    Here is yet another case of Patch Tuesday/Exploit Wednesday. While the bounty hunt for software vulnerabilities is still very much an active industry, malware authors have been seen watching for (and ultimately preying on) vulnerabilities disclosed by legitimate software vendors. This isn’t as irrational as it looks; malware authors are not looking for massive hits, just the numerous few who do not take enough care to download and install software patches.

    A few days after the regular Patch Tuesday last April 8, our researchers were alerted to an exploit-backdoor tandem that specifically takes advantage of the vulnerability discussed in the Microsoft Security Bulletin MS08-021 (classified as critical). This vulnerability lies in how the Graphical Device Interface (GDI) available in Windows operating systems treats information. The exploitation of this vulnerability allows an attacker to take full control of a computer system.

    A file named TOP.JPG has been found to successfully use this flaw. It was found hosted on sites, and arrives on a system as an executable which is now detected as EXPL_NEVAR.B. Its specific routine connects to a URL to download a file named WORD.GIF (which is also detected by Trend Micro, as BKDR_POISONIV.QI). Backdoors perform silent commands on the compromised computer without the user knowing it.

    Users should update applications and operating systems the moment patches are available.
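
The case above involves files that carry image extensions (.JPG, .GIF) but are not images. As an added example that is not part of the original post or any Trend Micro tooling, the following Python sketch flags such mismatches by sniffing leading bytes, including the metafile formats that GDI renders (EMF, WMF). The function names and all sample bytes are constructed for illustration.

```python
import os
import struct

# Extensions we expect to contain a specific image format.
EXPECTED = {".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif"}

def sniff(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    if data[:3] == b"\xff\xd8\xff":
        return "jpeg"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif"
    if data[:2] == b"MZ" and len(data) >= 0x40:
        # A real PE has e_lfanew at 0x3C pointing at the "PE\0\0" signature.
        pe_off = struct.unpack_from("<I", data, 0x3C)[0]
        if data[pe_off:pe_off + 4] == b"PE\x00\x00":
            return "pe"
    if data[:4] == b"\xd7\xcd\xc6\x9a":
        return "wmf"  # placeable Windows Metafile
    if len(data) >= 44 and data[:4] == b"\x01\x00\x00\x00" and data[40:44] == b" EMF":
        return "emf"  # Enhanced Metafile: EMR_HEADER record, signature at offset 40
    return "unknown"

def scan(files: dict) -> dict:
    """Return {name: sniffed_type} for files whose content contradicts the extension."""
    hits = {}
    for name, data in files.items():
        expected = EXPECTED.get(os.path.splitext(name.lower())[1])
        actual = sniff(data)
        if expected is not None and actual != expected:
            hits[name] = actual
    return hits

# Constructed sample bytes (minimal headers only, not real malware or real images).
PE_STUB = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40) + b"PE\x00\x00"
EMF_STUB = struct.pack("<II", 1, 88) + b"\x00" * 32 + b" EMF"
SAMPLES = {
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00",
    "TOP.JPG": PE_STUB,
    "chart.gif": EMF_STUB,
    "logo.gif": b"GIF89a\x01\x00\x01\x00",
    "setup.exe": PE_STUB,
}

if __name__ == "__main__":
    for name, kind in scan(SAMPLES).items():
        print(f"{name}: extension says image, content is {kind}")
```

A check like this fits at a web proxy or mail gateway, where a download whose content type contradicts its name can be quarantined before it reaches an unpatched host.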








     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice