TECHNOLOGY Microsoft flaw increasingly targeted in attacks

Sophos raises the threat rating to its highest level

By Naushad K. Cherrayil, Staff Reporter
June 22, 2012

Dubai: Sophos is advising computer users and administrators to exercise caution following the discovery of an as-yet unpatched security vulnerability in all current flavours of Microsoft Windows.

Sophos said the website of a European aeronautical parts supplier — which is currently not being named due to the sensitivity of the situation — had been hacked, and a malicious attack planted on the website which exploits a zero-day Microsoft security vulnerability.

“One way that hackers break into large companies and organisations is to target their supply chain. It’s reasonable to speculate that whoever was behind this attack actually had bigger fish to fry — the type of businesses that regularly visit the websites of aeronautical suppliers, such as defence companies,” said Graham Cluley, senior technology consultant at Sophos.

The vulnerability is believed to have been exploited in state-sponsored attacks against Gmail users earlier this month. Microsoft issued a security advisory about the flaw on June 12 and advised customers to apply one of several proposed work-arounds until a final security patch is released.

“Don’t underestimate the seriousness of this vulnerability,” said Cluley. “It’s being actively exploited in the wild, and there is currently no patch available for it. As a result, Sophos has raised its threat level rating to its highest level — ‘Critical’.

Even though a patch is not yet available, Microsoft has released a “Fix it” that prevents the exploitation of this vulnerability in Internet Explorer. “We strongly suggest that you consider this workaround — for now,” Sophos senior threat researcher Paul Baccas said in a blog.

The British Government estimated losses to business and individuals from cyber crime and the theft of business intelligence at £29 billion a year.

There has been a surge in cyber spying in the last 12 months. Most recently, the Flame malware was identified as a spying tool being used in the Middle East and Iran.

Many experts believe that the scale of cyber espionage is so large now that it amounts to an outright war.

Flame virus infected Microsoft Windows computers in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt last month.

“While anti-virus companies might catch some, there still can be many viruses like Flame undiscovered on the cyberspace,” Stefan Tanase, senior researcher at Kaspersky Lab, said.

The risk of cyber warfare has been one of the “most serious topics in the field of information security for several years now,” Tanase said.


New Stories in Business

Aviation Construction Markets Oil & Gas Property Technology Tourism Your Money