Kaspersky Labs Identifies 32m Flawed Files and Software
According to Kaspersky Labs the security company, it identified nearly 32 million flawed files and software programs on people's PCs during the recent quarter i.e. Q3-2010. Of these flaws, the 10 that prevailed most widely as well included a few whose patches had already been released between 2007 and 2009.
Explains Kaspersky that cyber-criminals frequently abuse vulnerabilities within program codes for acquiring access to resources and data on vulnerable PCs. They use malware known as exploits, which are created particularly for capitalizing on these security flaws. These exploits or attack codes are becoming more and more widespread, says the security company. Mybroadband.co.za published this on October 13, 2010.
Another malware which cyber-criminals are currently increasingly exploiting is the Stuxnet virus. Kaspersky observes that this virus abuses the CVE-2010-2568 inside LNK files. Moreover, it proliferates through the creation of a maliciously designed LNK shortcut that's served on the vulnerable PC.
Thus, as soon as the PC operator opens the shortcut within a network package, Stuxnet automatically gets installed on his system. Hijacked shortcuts are proliferated through e-mail as well. When an e-mail system tries exhibiting the icon, the malware begins to load onto the PC.
The company further outlined that earlier online crooks mostly attacked security flaws inside MS Windows operating systems. But, during the recent years, they've been targeting Adobe applications like Adobe Reader and Flash Player. In the beginning, Adobe acted slowly in developing patches for its products, nonetheless, over time it realized the need for addressing the issues facing end-users.
Additionally, Kaspersky observed that a lot of users failed to regularly make their software up-to-date, and went on utilizing the old applications. That was the reason why exploits abusing already patched flaws continued to be the most prevalent malware items spotted on end-users' PCs.
Eventually, to avoid attacks through flawed applications, the security specialists suggest that users should routinely look for updated applications as well as install them soon after their release. Over and above, the suggestion that's most vital is that users must not open e-mails or follow links, which arrive into their mailboxes from sources unknown to them.
» SPAMfighter News - 19-10-2010