
Zero-Day Malware Attacks You Can't Block

No matter how diligently you patch your PC, it may still be vulnerable during the first hours of a previously unseen attack. Here's what you should know about zero-day hazards and the security holes they exploit.

Illustration: Stuart Bradford

You're no security slouch. You keep your programs up-to-date, and you have antivirus installed. You're careful about where you surf and what you install on your computer.

But last September, if you had visited a blog hosted by HostGator, a top-tier provider based in Florida, your PC's browser would have been summarily redirected to an infected Web site that exploited a vulnerability in an old Microsoft image format.

Within seconds, a payload of malware would have invaded your computer.

Had this happened, you'd have fallen victim to a zero-day exploit--an attack against a software flaw that occurs at a time when no patch to correct the problem exists. The term originally described a vulnerability that was exploited "in the wild" (that is, outside a research lab) on the same day that a patch became available for it, leaving IT staffs zero intervening days to close the hole.

Today, the value of zero-day exploits to online criminals is skyrocketing precisely because the attacks can break into up-to-date, well-maintained systems. Last December, for instance, Trend Micro chief technology officer Raimund Genes noticed a sales pitch scrolling by in an Internet chat room: A hacker wanted to sell an undisclosed vulnerability in a beta version of Windows Vista for a staggering $50,000, though Genes was unable to determine if anyone bought the code.

"There's much more of an organized undercurrent now," says Dave Marcus, security research manager for McAfee. "[The criminals] have figured out they can make money with malware."

A Zero-Day Attack Marches On

Last September Sunbelt Software discovered attacks against a vulnerability in Vector Markup Language graphics, which are rarely seen but still supported in Windows. Within a week, criminals infected thousands of sites with poisoned images capable of inflicting a drive-by-download attack on any hapless user who viewed the image.
