|
Hackers target Microsoft Windows XP support system |
 |
 |
 |
|
Written by BBC
|
|
Thursday, 01 July 2010 14:26 |
|
Hi-tech criminals are "escalating" attacks on an unpatched bug in the Windows XP help and support system.
Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for.
Windows PCs falling victim will have control of that machine handed over to attackers.
Microsoft said the attacks had gone from theoretical to real very quickly and urged users to take steps to protect themselves.
'Nightmare' attack
Microsoft revealed the upturn in attacks in a blog post saying that it had been monitoring activity around the loophole since it was first revealed on 10 June.
Found by Google engineer Travis Ormandy, the loophole revolves around the Help and Support system built into XP. Mr Ormandy found that it was possible to exploit its ability to give remote aid and apply fixes to ailing machines.
Initially, said Microsoft, it only saw "innocuous" attacks by researchers attempting to replicate what Mr Ormandy had found.
Real exploits turned up on 15 June and these have been enthusiastically adopted by hi-tech criminals.
Writing on the Microsoft Security Centre blog, Holly Stewart said it had started seeing "seemingly-automated, randomly-generated" web pages that host the exploit.
A variety of trojans, spam tools and viruses are being downloaded to compromised machines, she said.
Rik Ferguson, senior security researcher at Trend Micro, said: "It's certainly very serious and is now being actively exploited by what appears to be several different groups as you can see form the multiple payloads being delivered."
Carole Thierault, senior security consultant at Sophos, said attacks like this were a "nightmare" to defend against if people did not regularly update or use anti-virus.
Statistics gathered by Microsoft suggest Portugal was taking the brunt of the attacks but users in Russia and Croatia were also being hit. More than 10,000 machines had been hit at least once by the attack, it found.
To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.
Mr Ferguson from Trend Micro said there were other steps users could take to stay safe.
"It is important to ensure that your security software is capable of identifying and blocking malicious websites," he said, "as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security."
Microsoft said it was working on a lasting fix for the loophole.
Â
Â
Source BBC:Â http://news.bbc.co.uk/2/hi/technology/10473495.stm |
|
Facebook "clickjacking" spreads across site |
|
|
|
|
Written by BBC Page last updated at 9:54 GMT, Thursday, 3 June 2010 10:54 UK
|
|
Thursday, 03 June 2010 14:09 |
|
Hundreds of thousands of Facebook users are falling victim to so-called "clickjacking" attacks, warn web security labs.
Facebook members see links to subjects such as "World Cup 2010 in HD" or "Justin Bieber's phone number" that their friends appear to have "liked".
Clicking the link tricks users into recommending the site on Facebook too.
Security experts say the scam currently has no malicious intent but could be adapted to deliver malware.
The link generally takes the user through to a page containing an instruction, such as asking them to click a button to confirm that they are over 18.
However, wherever they click on the page it adds a link to their own Facebook profile saying they have also "liked" the site.
Currently the purpose of clickjacking is "trivial" and does not actively result in any malware or phishing attacks, said Graham Cluley, senior technology consultant at Sophos.
"At the moment the attacks which we've seen are more like old-school viruses - written for the heck of it to see how many fans they can get.
"But our feeling is that it would be fairly easy for the bad guys to introduce some revenue generation for themselves," he told BBC News.
Clickjacking works across all computer operating systems, added Mr Cluley.
The Facebook attack uses iFrames, which essentially places an invisible button over an entire web page, so that wherever the user clicks, they end up hitting the button - in this case a hidden Facebook "like" button.
A free plug-in called NoScript, built for the Firefox web browser, includes pop-up warnings about potential clickjacks.
However, it will also query clicks on Flash videos, commonly used on many websites - and it is not easy to install, said Mr Cluley.
"You have to be a little bit nerdy to configure it." |
|
Last Updated on Thursday, 03 June 2010 14:21 |
|
|
Tech specs confuse gadget buyers |
|
|
|
|
Written by BBC
|
|
Thursday, 24 June 2010 11:12 |
|
Labels containing technology specifications and jargon are "misleading people buying new electronic devices" claims Which?
In many cases, the statistics of different brands are not comparable, says the consumer watchdog group.
Shops can add to the confusion by not understanding the significance of the labels either, according to the Which? report.
The firm looked at a range of devices including TVs, cameras, and laptops.
"Televisions make a lot of claims and use a lot of big numbers," said Matt Bath, technology editor at Which?
"One set claimed to have 'four trillion colours' - which sounds fantastic. The trouble is, programmes aren't broadcast in that many colours and in any case, we can't see that many; it's meaningless."
He also warned consumers against comparing statistics - such as contrast ratios between different sets - because the manufacturers do not have a common standard, so the numbers they use are not the same.
No Comparison
Â
Televisions marked 100Hz, 200Hz, and 600Hz are also not measurements of the same specification, although they can be presented as if they are, Mr Bath told BBC News.
100Hz and 200Hz relates to the number of times a screen refreshes itself per second, while 600Hz refers to the number of individual pixels, rather than the whole picture, which refresh in the same amount of time, he said.
"It's like comparing two cars when one claims to reach 100 miles per hour and another 1000 revs per minute," said Mr Bath.
Digital camera marketing also came under scrutiny. Some devices claim to have an impressive "digital zoom" rate, but this simply means that they enlarge part of the original image, rather than refocus the lens (optical zoom), according to the report.
"It's certainly marketing hype," said Mr Bath.
"Plastering products with big numbers will make some consumers choose the brand which sounds more impressive. But when it comes to technology, bigger doesn't mean better."
Â
Tech Specs Confuse Gadget Buyers
Source: BBC  http://news.bbc.co.uk/2/hi/technology/10393377.stm   author not listed |
|
Last Updated on Thursday, 24 June 2010 15:19 |
|
Adobe acknowledges critical security flaw in software |
|
|
|
|
Written by BBC
|
|
Monday, 07 June 2010 11:35 |
|
Adobe has acknowledged a "critical" security flaw in its Reader, Acrobat and Flash Player software.
Adobe says the vulnerability potentially enables hackers to take control of affected computer systems.
Users running Windows, Macintosh or Linux might all be open to attack.
The company is working to fix the problem. In the meantime, users of Reader, Acrobat and Flash are advised to ensure their anti-virus software is up to date.
"It doesn't really get any worse than a 'zero-day' vulnerability like this," said Graham Cluley, senior technology consultant at Sophos, a security software company.
Affected software
- Adobe Flash Player 10.0.45.2 and earlier 10.0.x versions for Win, Mac, Linux and Solaris
- Adobe Flash Player 9.0.262 and earlier 9.0.x versions for Win, Mac, Linux and Solaris
- Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Win, Mac and UNIX
- Adobe Flash Player 10.1 Release Candidate does not appear to be vulnerable
- Adobe Reader and Acrobat 8.x are confirmed not vulnerable
Source: Adobe
He said that hackers could create a "booby-trapped Flash animation, or PDF" that would give them access to a person's computer, potentially allowing them to harvest personal information or use the machine to send spam messages.
In recent years, PDFs have become a popular means of sharing documents that are not easily altered by the recipient.
Vulnerability exploited
In a security advisory, Adobe said: "There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat".
Whilst it works to fix the problem, the company suggested upgrading to the latest "release candidate" for the Adobe Flash Player, version 10.1, which it said "does not appear to be vulnerable".
Alternatively, the company said that Adobe Reader and Acrobat users could delete or rename the "authplay.dll" file on their system.
However, Adobe said that doing so meant that "users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF [Adobe Flash] content."
Mr Cluley said that keeping anti-virus software up to date would also help to avoid problems.
"There has been a long history of vulnerabilities being found in Adobe's products," he said.
"This is probably because they are everywhere and omnipresent."
Adobe estimates that more than 95% of computers worldwide have Flash Player installed.
Argument strengthened
Apple has been criticised for preventing its popular iPhone and iPad devices from viewing Adobe Flash animations and videos.
Apple boss Stve Jobs recently wrote an open letter explaining that Adobe's Flash was, amongst other things, "the number one reason Macs crash".
Mr Cluley said: "The more people who are concerned about Adobe's products and the ability for them to be written securely, the more it backs up Steve Jobs's argument that Adobe's software is buggy.
"The crux of the problem is that Adobe have overloaded some of their programs with so many bells and whistles, that with lots of code, there is a much higher chance that there will be a bug.
"This vulnerability exploits a feature of a PDF file format that will not be widely used.
"A simpler code might have led to a simpler life." |
|
Last Updated on Monday, 07 June 2010 11:41 |
|
