
Critical vulnerability in Windows Media Player exploited by drive-by-download attack

January 30, 2012

Security researchers from antivirus vendor Trend Micro have come across a Web-based attack that exploits a known vulnerability in Windows Media Player.

“Earlier today, we experienced a spyware that uses a recently revealed weakness, the MIDI Remote Code Execution Vulnerability (CVE-2012-0003),” Trend Micro threat response engineer Roland Dela Paz said in a post on Friday.

The security flaw can be exploited by tricking the victim into opening a specially crafted MIDI (Musical Instrument Digital Interface) file in Windows Media Player.

Microsoft released a security fix for it on Jan. 10, as part of its monthly patch cycle. “An enemy who efficiently used this weakness could take complete control of an affected program,” the company said at the time.

The so-called drive-by-download attack identified by Trend Micro researchers uses a malicious HTML page to load the malformed MIDI file as an embedded object for the Windows Media Player browser plug-in.

If successful, the exploit downloads and executes a Trojan horse on the targeted system, which Trend Micro detects as TROJ_DLOAD.QYUA. “We’re still performing further research on TROJ_DLOAD.QYUA, but so far we’ve been seeing some serious payload, such as rootkit abilities,” Dela Paz said.

It’s not yet clear how victims are being tricked into visiting the malicious page, but the attack doesn’t appear to target a particular organization or group of people, said Mark Sancho, a senior antivirus specialist at Trend Micro.

According to the specialist, the attack is not widespread at the moment, but it is possible that other attackers will start exploiting the same vulnerability in the future. “As mentioned, this is a widely revealed weakness so we can expect similar problems at some point,” Sancho said.

Trend Micro advises users to install the security patches described in the MS12-004 security bulletin. The vulnerability affects Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008, but not Windows 7 or Windows Server 2008 R2.

As a general rule, users should always keep their systems and other software installed on their computers up to date to avoid becoming victims of drive-by-download attacks. Running an antivirus program capable of scanning Web content at all times is also recommended.
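
An added example, not from the original article or from Trend Micro: a heuristic Python check of the kind a Web content scanner could apply, flagging HTML pages that embed MIDI content, which is the delivery method described above. The tag list, MIME types, file extensions and sample page are assumptions made for illustration, and a hit only marks a page for closer inspection because legitimate pages also embed MIDI files.

```python
from html.parser import HTMLParser

# Heuristic lists assumed for this example; they are not taken from the article.
MIDI_EXTENSIONS = (".mid", ".midi", ".rmi")
MIDI_MIME_TYPES = {"audio/mid", "audio/midi", "audio/x-mid", "audio/x-midi"}
MEDIA_TAGS = {"object", "embed", "bgsound", "param"}
URL_ATTRS = ("src", "data", "value")


class MidiEmbedFinder(HTMLParser):
    """Collects media elements that reference MIDI content."""

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (tag, line number, reasons)

    def handle_starttag(self, tag, attrs):
        if tag not in MEDIA_TAGS:
            return
        attr = {k: (v or "").strip().lower() for k, v in attrs}
        reasons = []
        # Drop MIME parameters such as "; charset=..." before comparing.
        if attr.get("type", "").split(";")[0].strip() in MIDI_MIME_TYPES:
            reasons.append("MIDI MIME type")
        for name in URL_ATTRS:
            # Ignore query string and fragment before checking the extension.
            path = attr.get(name, "").split("?")[0].split("#")[0]
            if path.endswith(MIDI_EXTENSIONS):
                reasons.append(f"{name} points to MIDI file")
        if reasons:
            self.findings.append((tag, self.getpos()[0], reasons))


def find_midi_embeds(html):
    """Return (tag, line, reasons) for every MIDI embed found in the page."""
    finder = MidiEmbedFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page, used only to exercise the check.
SAMPLE_PAGE = """<html><body>
<p>Constructed test page</p>
<object type="audio/mid" data="song.mid"></object>
<embed src="/media/intro.MID?x=1" hidden="true">
<img src="logo.png">
</body></html>"""

if __name__ == "__main__":
    for tag, line, reasons in find_midi_embeds(SAMPLE_PAGE):
        print(f"line {line}: <{tag}> flagged ({', '.join(reasons)})")
```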
