Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Increased Threat Level Due To Application Vulnerabilities

Sunbelt Software : 02 August, 2010  (Technical Article)
Sunbelt Software is issuing advice on increasing protection levels to combat the increased threat risk that currently exists
Sunbelt Software has raised its Worldwide Threat Level to "high" in light of unpatched vulnerabilities in three widely-used applications or systems and the Defcon and Black Hat conferences in Las Vegas this week. Sunbelt Software last raised the Worldwide Threat Level in its flagship antivirus solution − Vipre − to "high" in July 2009.

Botnet exploits have been reported for a vulnerability (CVE-2010-2568) in Microsoft Windows that allows an intruder to present a victim with a specially crafted shortcut (LNK file) that could enable the execution of arbitrary code with the privileges of the user. Also, with a certain AutoRun/AutoPlay configuration, exploitation could occur without any interaction from the user.

Secunia is warning of a buffer overflow vulnerability in Apple's QuickTime Player that could enable a malicious web page to execute arbitrary code. No fix is currently available.

Cisco has issued a security advisory warning of a vulnerability in hard-coded SNMP community names in its Industrial Ethernet 3000 series switches. A fix isn't expected until August, although workarounds are available.

In addition to the above high-profile vulnerabilities, the Black Hat and Defcon security conferences are going on this week in Las Vegas. Black Hat concluded on Thursday and Defcon runs from today (Friday) until Sunday. The presentations at the two are of high interest worldwide to hackers and malicious code writers. Sunbelt Software malware researchers and malware analysis tool developers were in attendance at Black Hat and will be exhibiting at Defcon this weekend on stand 17.

Internet users should:

• be sure anti-virus applications are updated and functional
• avoid opening attachments in spam emails or clicking on links in spam messages
• be cautious opening attachments or following links in email messages from friends
• be especially cautious in web browsing if they use QuickTime Player
• be alert for updates that are expected soon to fix serious vulnerabilities in QuickTime Player, Microsoft Windows and Cisco Industrial Ethernet 3000 series routers
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo