|
|
|
|
|
|||||||
 |
Computer Security - Attackers targeting media players |
|
|
Thread Tools | Search this Thread |
11-23-2005, 04:06 AM
|
#1 |
Attackers targeting media players
http://australianit.news.com.au/arti...-15318,00.html
There is a lot of truth in this article based on recent trends. Apple Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, all of have current or recent issues. Folks need to consider if they actually need these items to do business and ensure they have mitigated the threats posed by these plug-ins. These vectors are wonderful vectors for ingress into most networks via e-mail links and html pages. Most networks have groups of users who can't resist sharing a fine video, a religious, funny or patriotic sentiment who do not understand the threat. We have found policies on this activity difficult to enforce (though we are removing a couple threat vector users permanently as I speak), but users can't seem resist sharing some fine sentiment, irrespective of the consequences .....mutters. Thought some might find the article useful for their user education campaigns. Winged Winged |
|
|
|
11-23-2005, 04:56 AM
|
#2 |
|
Posts: n/a
|
Re: Attackers targeting media players
Winged wrote:
> http://australianit.news.com.au/arti...-15318,00.html > > There is a lot of truth in this article based on recent trends. Apple > Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, > all of have current or recent issues. > > Folks need to consider if they actually need these items to do business > and ensure they have mitigated the threats posed by these plug-ins. > > These vectors are wonderful vectors for ingress into most networks via > e-mail links and html pages. Most networks have groups of users who > can't resist sharing a fine video, a religious, funny or patriotic > sentiment who do not understand the threat. We have found policies on > this activity difficult to enforce (though we are removing a couple > threat vector users permanently as I speak), but users can't seem resist > sharing some fine sentiment, irrespective of the consequences > > ....mutters. > > Thought some might find the article useful for their user education > campaigns. > > Winged Excellent comments. I read a similar article about 3 or so months ago. Basically, it said hackers were shifting their focus to third party apps like media applications. In a work environment, if you do not need it, don't install it.... Imhotep Imhotep |
|
|
|
11-23-2005, 09:26 AM
|
#3 |
|
Posts: n/a
|
Re: Attackers targeting media players
On Tue, 22 Nov 2005 22:06:26 -0600, Winged <>
wrote: >There is a lot of truth in this article based on recent trends. Apple >Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, >all of have current or recent issues. > >Folks need to consider if they actually need these items to do business >and ensure they have mitigated the threats posed by these plug-ins. <snip> Adobe acrobat is a 'must have' these days. For those clients who need real audio, I've been installing 'the Real alternative' - however I think it actually uses media player to work, so that becomes an essential too. It does, however avoid the sprawling mass of Real player and its 'extra functionality'. -- Jim Watt http://www.gibnet.com Jim Watt |
|
|
|
11-23-2005, 10:09 AM
|
#4 |
|
Posts: n/a
|
Re: Attackers targeting media players
In article <>, on Wed, 23 Nov 2005 10:26:30 +0100, Jim
Watt wrote: | On Tue, 22 Nov 2005 22:06:26 -0600, Winged <> | wrote: | | >There is a lot of truth in this article based on recent trends. Apple | >Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, | >all of have current or recent issues. | > | >Folks need to consider if they actually need these items to do business | >and ensure they have mitigated the threats posed by these plug-ins. | | <snip> | | Adobe acrobat is a 'must have' these days. Try <http://www.foxitsoftware.com/pdf/rd_intro.php> ... -- DavidPostill DavidPostill |
|
|
|
11-23-2005, 03:21 PM
|
#5 |
|
Posts: n/a
|
Re: Attackers targeting media players
DavidPostill wrote:
> In article <>, on Wed, 23 Nov 2005 10:26:30 +0100, Jim > Watt wrote: > > | On Tue, 22 Nov 2005 22:06:26 -0600, Winged <> > | wrote: > | > | >There is a lot of truth in this article based on recent trends. Apple > | >Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, > | >all of have current or recent issues. > | > > | >Folks need to consider if they actually need these items to do business > | >and ensure they have mitigated the threats posed by these plug-ins. > | > | <snip> > | > | Adobe acrobat is a 'must have' these days. > > Try <http://www.foxitsoftware.com/pdf/rd_intro.php> ... I bought a new WinXP box last March. I uninstalled Flash, among other crap, and haven't looked back. Eight months without any Adobe or Macromedia software and loving every minute of it. YMMV. Ron  Ron Lopshire |
|
|
|
11-23-2005, 05:30 PM
|
#6 |
|
Posts: n/a
|
Re: Attackers targeting media players
Ron Lopshire wrote:
> > DavidPostill wrote: > > > In article <>, on Wed, 23 Nov 2005 10:26:30 +0100, Jim > > Watt wrote: > > > > | On Tue, 22 Nov 2005 22:06:26 -0600, Winged <> > > | wrote: > > | > > | >There is a lot of truth in this article based on recent trends. Apple > > | >Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, > > | >all of have current or recent issues. > > | > > > | >Folks need to consider if they actually need these items to do business > > | >and ensure they have mitigated the threats posed by these plug-ins. > > | > > | <snip> > > | > > | Adobe acrobat is a 'must have' these days. > > > > Try <http://www.foxitsoftware.com/pdf/rd_intro.php> ... > > I bought a new WinXP box last March. I uninstalled Flash, among other > crap, and haven't looked back. Eight months without any Adobe or > Macromedia software and loving every minute of it. YMMV. Clearly, you're not a business user. Not a day goes by where I'm not reading/writing a PDF. Notan Notan |
|
|
|
11-24-2005, 09:50 AM
|
#7 |
|
Posts: n/a
|
Re: Attackers targeting media players
Notan wrote:
> Ron Lopshire wrote: > >>DavidPostill wrote: >> >> >>>In article <>, on Wed, 23 Nov 2005 10:26:30 +0100, Jim >>>Watt wrote: >>> >>>| On Tue, 22 Nov 2005 22:06:26 -0600, Winged <> >>>| wrote: >>>| >>>| >There is a lot of truth in this article based on recent trends. Apple >>>| >Quicktime, Macromedia shockwave, Windows media player, Adobe Acrobat, >>>| >all of have current or recent issues. >>>| > >>>| >Folks need to consider if they actually need these items to do business >>>| >and ensure they have mitigated the threats posed by these plug-ins. >>>| >>>| <snip> >>>| >>>| Adobe acrobat is a 'must have' these days. >>> >>>Try <http://www.foxitsoftware.com/pdf/rd_intro.php> ... >> >>I bought a new WinXP box last March. I uninstalled Flash, among other >>crap, and haven't looked back. Eight months without any Adobe or >>Macromedia software and loving every minute of it. YMMV. > > > Clearly, you're not a business user. > > Not a day goes by where I'm not reading/writing a PDF. > > Notan I didn't say that I don't read PDF, I just don't use Adobe. Ron Ron Lopshire |
|
|
|
| Thread Tools | Search this Thread |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| which DVD players support DL media? | def456 | DVD Video | 12 | 02-24-2007 02:23 AM |
| As growth slows, Hollywood faces a DVD standoff. | Allan | DVD Video | 0 | 07-11-2005 02:10 PM |
| Beyond the Office [Burning Questions: Picking the Right Media, Part 2 - 05/24/2005] | Ablang | DVD Video | 0 | 05-25-2005 03:34 AM |
| High Definition and the future of viewing. | Allan | DVD Video | 3 | 03-09-2005 12:56 AM |
| Media Conductor V3.0 released | Rich | DVD Video | 0 | 11-23-2004 06:37 AM |
