Third-Party Programs Too Can Make Vista Vulnerable
After the ShoutHack vulnerability last week, the recently released OS (Operating System) Windows Vista is being targeted once again, although the recent exploit does not actually appear to stem from a vulnerability in the OS itself. Rather, it illustrates that even the most sophisticated features like UAC (User Access Control) can't make Windows Vista impregnable.
Core Security Technologies has claimed that an attacker can successfully commandeer Vista machines by exploiting a buffer overflow vulnerability in the BrightStor ARCserve Backup product from CA (Computer Associates) International Inc.
CA divulged that the vulnerability resulted from inadequate bounds checking on user-supplied data. Attackers could trigger the overflow with specially designed Remote Procedure Call (RPC) requests made to TCP ports 6504 or 6503. Triggering the buffer overflow would enable attackers to run malicious code with administrative privileges on a vulnerable system, thereby allowing them to commandeer the vulnerable PC.
Max Caceres, director of product management at Core Security, told Information Security that this was the first exploit for a third-party application running on Windows Vista, and that vendors need to insert this code into their applications.
Iván Arce, Core Security Technologies' CTO, said in a company press release that, to allow customers to fully benefit from the new security tactics of Vista, all independent software vendors need to be diligent in keeping their products updated. Security-aware organizations and users evaluating adoption of the new OS must ensure that the new security features of Vista are correctly configured and used by third-party applications.
Backup software is an especially attractive target for malicious hackers, since a computer system tends to store a huge amount of data that becomes accessible when the machine is compromised. BrightStor users are advised to apply the patches that fix the flaws or to block external access to the BrightStor software. They can also use an IDS to spot attacks.
» SPAMfighter News - 15-02-2007