PandaLabs Criticizes Microsoft for Failing to Patch Vulnerabilities via Update
Microsoft, which issued a security update to fix vulnerabilities in Windows WINS server and DNS server on March 10, 2009, said the update resolves an aggregate of four security flaws in the Windows kernel. The most severe of these flaws, according to the company, could allow hackers to plant malware on users' PCs simply by luring one into opening a maliciously developed WMF or EMF image file.
However, the update has not been able to fix the flaw Microsoft claimed it would mend, said PandaLabs.
PandaLabs further says that one could exploit the flaw to trigger 'man-in-the-middle' attacks against Windows DNS servers. Thus, when users download WPAD (Web Proxy Automatic Discovery) entries from the DNS server, these could be influenced with a 'man-in-the-middle' assault.
In addition, an attacker who uses this flaw successfully can divert users' traffic via a rogue proxy. IT experts describe a proxy as a tool or program that organizations popularly use to connect every computer within a network to the Net via one PC.
Commenting on the issue, Technical Director Luis Corrons of PandaLabs said that by managing to divert users to a malevolent proxy, an attacker could seize personal information, redirect them to malware-infused pages so that the captured data could be infected, or intercept users' activities on the Internet and so on, as reported by PRNewswire on March 11, 2009.
Moreover, due to the security flaw, a user could even install a Trojan or some other malware with which hackers could wholly compromise a system. Security researchers further state that the flaw impacts nearly all versions of Windows such as Windows XP, 2000, Server 2003, Server 2008 and Vista.
Thus, PandaLabs suggests users of WINS server and DNS server to exercise extra caution as well as to look for newer Microsoft updates that would be released for fixing the flaw.
Meanwhile, Microsoft said that the update along with addressing the above flaw also addresses a pair of other vulnerabilities. These vulnerabilities are rated as "important," with which hackers could create spoofed websites to be used for committing identity theft.
Related article: PandaLabs Report Discusses Movie Trojan and Other Worms
» SPAMfighter News - 19-03-2009