


Experton Group is the leading fully integrated research, advisory and consulting company for mid-sized and large organizations, maximizing the business value of their ICT investments through innovative, neutral and independent expert advice.

Experton Group offers consulting services, market surveys, conferences, seminars and publications related to information and communications technology issues.

Our consulting portfolio includes technology, business processes, management and business cooperations, investments and mergers.

17.03.2008

Web Attacks Successfully Targeting Security Vendors



Officials from Trend Micro, Inc. acknowledged being hit by a large-scale Web attack. In other news, Microsoft Corp. released its latest security patches for some of its software, while CA, Inc. reported findings on today's top targets for hackers.

Focal Points:

  • Officials from Trend Micro recently confirmed that the security vendor's Web site had been hacked. This latest incident is a continuation of an attack that has successfully loaded malicious software onto over a hundred legitimate Web sites in the past week. A Trend Micro spokesman said that the affected pages were taken down as soon as the problem was identified and remedial action was taken to fix the problem. Officials from McAfee, Inc. stated that over 20,000 Web pages were affected by this most recent attack. The malicious software attempts to install software that is designed to steal user passwords. All of the affected pages appear to be using Microsoft's Active Server Page technology. This recent attack did not affect sites that have up-to-date patches, since the attack exploits known vulnerabilities. Experton Group believes this dramatically highlights the need to keep all systems up to date with all software patches.
  • Microsoft officials announced that the company would be releasing four security updates next week. These updates are all focused on its Office business suites. All four patches are listed as being "critical", the highest ranking Microsoft uses for its patches. This set of patches is targeted for Office 2000, Office XP, Office 2003, Office 2007, as well as Office 2004 and 2008 for Macs. In addition, one of the patches is targeted for Outlook, which includes Outlook 2007. Another of the patches appears to be for a flaw in one of the Excel file formats, while another deals with a problem related to the spreadsheet application.
  • CA officials recently announced the publication of the company's Security Outlook Report. The report cited social networks and Web 2.0 as two of the top targets for attacks for 2008. While the report acknowledged an improvement in software that detects malware, it also noted that cyber criminals are getting much better at avoiding detection. Some of the other findings in the report included an increase in the use of botnets for attacks and an increase in the vulnerability of Windows Vista as a hacker target.

Experton Group believes security vendors will not be able to stay in front of hackers who are developing exploits faster than security vendors can find and mitigate them. However, many of these exploits take advantage of known vulnerabilities that would not affect end users if the appropriate patches and upgrades were made. Therefore, IT executives must place a heavy emphasis on patch management, and augment active patch procedures with technology such as network access control (NAC) appliances, which can help enforce patch management.

Press

Contact

Suzette Heydenreich

Tel.: +971 4 360 8699
Fax: +971 4 361 5699

suzette.heydenreich@experton-group.com