Patched Flaw Used in Mayor Attack

Discussion in 'Computer Support' started by Tony, Feb 23, 2007.

  1. Tony

    Tony Guest

    Not much point in posting that info here, you're far too late! Wrong group
    Tony, Feb 23, 2007

  2. Tony

    Au79 Guest

    Mass-pharming attack targeting 50 banks is shut down

    By Frank Washkuch Jr. Feb 22 2007 16:10

    Fifty financial institutions in the United States, Europe and the
    Asia-Pacific region were hit with a well crafted pharming attack this week.

    In preparation for the attacks, hackers created mock pharming websites for
    each financial institution they targeted, according to press reports from
    the IDG News Service.

    Researchers from Websense told the wire service that attackers lured victims
    to a website hosting malicious code that exploited a patched Microsoft

    Microsoft patched the flaw last May. The vulnerability requires a user to
    only visit a website to have his or her PC infected by malware.

    In this attack, the malicious website would download a trojan known as
    ieexplorer.exe, which downloads more malware from Russia. The websites then
    display an error message asking users to shut off firewalls and anti-virus
    software, according to the reports.

    Victimized users are then redirected to the malicious pharming websites that
    appear similar to legitimate financial websites. Attackers can use the
    collected personal information for identity fraud, or sell the details to
    other criminals.

    Dan Hubbard, vice president of security research at Websense, told today that the attacks were well researched and designed.

    "They are very well planned and thought out. Resilient infrastructures,
    sophisticated malcode and very good back-end control and statistic," he
    said. "The use of malicious code is growing very fast. This is being used
    more and more and we believe it will rise in both frequency and
    sophistication. The attack success percentages are higher also."

    ISPs have shut down websites hosting the malicious code in Germany, Estonia
    and the United Kingdom. The attack also installs a bot on infected PCs,
    according to the report.
    Au79, Feb 23, 2007

  3. Tony

    Fuzzy Logic Guest

    Once again showing the importance of properly maintaining your system.

    If my car has a safety recall and I ignore it and then fall victim to the issue it's NOT the manufacturer's fault.
    Fuzzy Logic, Feb 23, 2007
  4. Tony

    Au79 Guest

    Windos is a car that gets recalled often. I wonder if users just get sick of
    dealing with it to the point where it's just easier to ignore all the
    Au79, Feb 24, 2007
  5. Tony

    Fuzzy Logic Guest

    All major OS's get frequent 'recalls'. For example I know of 4 patches this month for SuSE alone:
    Fuzzy Logic, Feb 27, 2007
  6. Tony

    Fuzzy Logic Guest

    I supplied this example in another post to you. In case you missed it.

    Here are two patches for the SuSE Kernel released within 3 months of each other:

    There are many good reasons for "Patch Tuesday":

    Also of the 12 most recent Windows updates close to half were Office related. If you are including non-OS
    patches there were 15 security updates for SuSE in January:
    Fuzzy Logic, Mar 1, 2007
  7. Tony

    Au79 Guest

    ....and yet, Linux is clearly far more secure than windos.
    Au79, Mar 2, 2007
  8. Tony

    Fuzzy Logic Guest

    You appear to be looking through rose coloured glasses. I continue to refute your arguments and yet you

    You have stated in previous posts that an unpatched *nix box is still more secure than a fully patched
    Windows box. I really have to question your reasoning. For example if you are running Sun Solaris and you
    haven't installed the appropriate patch you will shortly be a victim of a telnet worm and your system seriously

    You probably don't need to worry about this as you run SuSE and also believe there is no malicious software
    for *nix. I even offered you a "free sample" but you denied such a thing even existed. Keep your head in the
    sand and ignore the signs that as *nix gets more common it's also going to become a more popular target for
    exploitation. Invariably these attacks will take advantage of well documented flaws that have already been
    patched similar to attacks on Windows systems. Most Windows attacks involve an already patched exploit or
    an attack requiring user intervention (opening an unsolicited attachment or running questionable programs that
    the user is enticed to do via social engineering).

    So again I will state your overall system security has more to do with how well it's maintained and used than
    your actual OS. If you don't maintain your OS and/or do stupid things like open unsolicited attachments or
    execute questionable programs you will eventually get burned regardless of the OS. To put it another way
    security is a process that has little to do with the hardware or software you use. No OS is 100% secure and
    your overall system security is a moving target as new flaws are found and fixed. So saying product A is
    'more secure' than product B is nearly impossible unless you are willing to nail down EXACTLY what hardware
    and software you are running, the patch levels and versions of all software on the system including device
    Fuzzy Logic, Mar 2, 2007
  9. Tony

    Au79 Guest

    I don't believe that you have refuted any arguments credibly. I continue to
    post voluminous stories from journals around the world about new and
    improved windos vulnerabilities, old vulnerabilities left unpatched, and
    patches that require patches.

    Your entire stance seems to be that it is the user that is the problem, and
    not some arrogant and incompetent conglomerate. Their marketing teams spend
    countless hours touting windos as being the "most secure", only to get egg
    in their face.

    Microsoft, like your arguments, is a technical failure.
    And while users patch their windos and Unix boxes, the fact remains that
    windos will sprout brand new holes at such an accelerated rate to make Unix
    seem virtually indestructible, patches and all.
    There's no malicious software that can cause the same amount of damage and
    destruction as in a winbox.
    Talk about delusional. Why don't you release this wonder of yours into the
    wild and rid the world of Unix once and for all?
    This old argument has been around for too long. Since 80% of the Internet
    depends on Unix and Unix-based software to run, it is a mighty big target
    that has not been brought down. The fact is that Unix is already a target
    for hard-core hackers, the best coders with the biggest brains have not
    succeeded in turning the net off.
    Not Mr. fuz, the worst viral attacks turn PC's into zombies without user
    intervention. Worms and viruses simply get in and meddle with the registry
    and other system areas, sans help.
    Yes, your broken record argument. I really don't see how you can believe
    that anyone with a high school education can take you seriously. Every
    thing that you describe above is only- and only- found in a windos
    Again, all relative, by itself Linux may not be 100% secure against a hard
    core hacker, but comparing it to measly windos, it is 100% secure against
    winbox programmers.
    Again, you gotta clear that fuzz off your logic. We are comparing two vastly
    different architectures: One offers its system areas to anyone that passes
    by. The other was designed with the assumption that multiple users sharing
    resources within the same system cannot be left unchecked.

    So from the ground-up Unix internal mechanisms do not allow the same
    promiscuity as windos. Oh, but it's a good business strategy by MS.
    Au79, Mar 3, 2007
  10. Tony

    Fuzzy Logic Guest

    I will try and put this in simple terms that hopefully you can understand:

    1) All OS's have vulnerabilities and will continue to have them.
    2) There are often patches for the same component as new vulnerabilities are found in that component (I
    sent you links for 2 patches for the SuSE kernel that have been released within months of each other).
    3) Hackers typically exploit documented vulnerabilities (half the work is done for them) so it's important that
    you apply patches ASAP
    4) If you are not practising safe computer techniques the OS may not be able to protect you from yourself
    (and why should it?).
    The weakest link in computer security is the user not the OS. Failing to install ONE critical patch is all it takes
    for the bad guys to gain access to your system regardless of the OS.
    I really have no desire to spend time behind bars.
    The Internet hardly DEPENDS on *nix. Certainly many servers on the Internet use *nix but that server could
    just as easily be a Windows box running equivalent software. There is no money to be made in turning the net
    off so that's unlikely to happen anytime soon.
    That's correct the user didn't install a patch that would have prevented this from happening.
    So you are saying there are no critical vulnerabilities in *nix? That patches don't come out on a regular basis
    for *nix? That maintaining your system is NOT important to your security? That the failure to apply a patch
    for a single critical vulnerability is all it takes to compromise your system? That opening unsolicited
    attachments is OK? That downloading questionable software is fine?

    If so there is no point in any further discussion.
    Fuzzy Logic, Mar 7, 2007
  11. Tony

    Au79 Guest

    And windos continues to be the weakest of the OS's. It's unprecedented how
    buggy and unreliable this piece of coding embarrassment has been since its
    inception... And all the king's men, and all the king's money can't put it
    And when Linux needs to be patched, the response from the community is
    swift. Unlike MS which takes forever to release a patch, only to re-release
    it IF it is released.
    A well designed system, such as any that is Unix based, can minimize or
    completely eliminate threats and exposures, thus protecting the user. Even
    with all the best practices applied to a windos environment, it will never
    be as secure and reliable as a Linux based environment. This is a fact.
    Again, and again, windos has MANY, (too many) vulnerabilities with new ones
    springing just about every week. At that rate, hackers will continue to be
    ahead of the patching cycle, and as it happened before, continue to make
    zombies out of winboxes (to be fair, windos can turn a PC into a walking
    cadaver without hacker help).
    This is quite laughable: who's going to turn you in, Mr.
    No, it could not. What kind of IDIOT sysadmin or CIO would use the weakest,
    most unreliable operating system to run critical processes.
    Hackers, especially the most adept, are not driven by financial incentives
    but by sheer ego; They challenge themselves continuously to see who can pull
    off the greatest feat.
    And yet, there are new (successful) worms and viruses all the time. windos
    really sucks.
    Not at the alarming rate in which windos has to patch its mediocre system.
    It is important. That's why Linux is better: Patches do their job.
    Linux and Mac users have not seen the hell that windos users have seen.
    Microsoft, which caters to the consumer market, has condemned its users to
    a vicious and contemptuous cycle of self-monitoring, self-maintenance, and
    forcing users to patch a system that will never be secure or reliable.

    It isn't Linux that needs to be re-booted or re-installed on a regular
    basis. windos users are accustomed to third party software for OS support,
    the reset button, and System Restore.
    Please, do shut up.
    Au79, Mar 9, 2007
  12. Tony

    Tester Guest

    One of my local supermarkets has an awning which advises that they
    accept "all mayor credit cards". Many of the employees are from Latin
    America and I assume this is an instance of what language teachers
    call "false friends".
    Tester, Mar 9, 2007
  13. Tony

    Fuzzy Logic Guest

    What is an alarming rate? SuSE had more patches for January than Windows. There are no patches planned
    for Windows for March.
    As they do in Windows.
    I'm not sure how you can speak for Windows users as I get the impression you stay very far away from that
    environment. I support 600+ Windows users and that certainly hasn't been my experience because we
    properly maintain our systems and offer user training on the safe use of computers.

    My argument is, and will continue to be, that proper system management and safe computing is more important
    to your OVERALL security than the OS you use.

    To put it another way you can have the safest car in the world but if you are a terrible driver it's not going to
    prevent you from having an accident. It MAY mitigate the damage but ultimately it's better to avoid the accident
    Fuzzy Logic, Mar 9, 2007
  14. Tony

    Au79 Guest

    How about totaling ALL patches for windos vs SuSE from 2005 to 2007?
    The OS you use is an INTEGRAL part of an effectively secure environment.
    User education is good, but only to avert social engineering, not to
    convert users into sysadmins.
    If you have the choice of going cross-country in a Ford Pinto or a BMW,
    well, you should take the most reliable and secure vehicle. I could get by
    on the Pinto if I constantly patch it and kludge it, and re-boot it, and
    use third party parts, and...

    Heck, I'll take the BMW and try not to get a ticket.
    Au79, Mar 10, 2007
  15. As I've said before, you're wasting your time trying to "educate" that

    Not all the patches are applicable, as they're mostly for applications
    which *may* or may *not* be installed by the user (for example:
    A security patch for Opera, *if* you're running Opera, &.....erm...that's
    *not* a SUSE patch!

    Security update patches for the DazukoFS kernel (from RedHat) & *not*
    installed by default, so......anyone running that? (SuSE offers a
    pre-built Dazuko kernel, but not everyone uses it. Besides AppArmor
    conflicts with it.)

    A security patch for Acroread, *if* you've got Acroread installed,
    &.....erm...that's *not* a SUSE patch!

    And so on.....& so on....)

    NOR were January's patches *all* security ones, merely upgrades.

    So saying that "SuSE had more patches for January than windows" is like
    comparing apples & oranges.

    What the bozo forgets is, that a lot of linux users are *ex*windoze users,
    or in some cases still use windoze in their work place, so they *can*
    speak about it.
    If you have an OS that lets you be an admin by *default*, & can be
    damaged/infected with almost *every* click on *whatever* you fancy, & one
    that won't let anything be installed without you knowing the root
    password, I'll take the latter. Linux, inherently safer by design.
    William Poaster, Mar 10, 2007
  16. Tony

    Maximum Dog Guest

    Sir Righteous Billy Poaster wrote:

    As usual with the name calling, as he and other Linux users, for the
    most part, think they are better than anyone else. They are Super
    Beings, because they are using an O/S a bunch of programs. You strip him
    butt naked and you'll find he is no better than any other man or woman.
    Suse is getting patched security wise. I got Suse. Don't let him fool you.
    Who cares?
    Who cares?
    Oh, Jan., Feb. and Mar. and the fact remains that Suse and Linux in
    general is being patched, because it's written by fallible Human Beings.
    They are not Supermen or Superwomen.
    A security patch is a security patch no matter what it may be, let's
    call the patches Fruit Loops.
    And once again, the name calling from a Linux lunatic.
    Who cares? There is nothing he can do about this, other than, the usual
    rant, bitch and whine. All one has to do is read this to know that
    there is something inherently wrong with this person.

    Man oh man, it's Sir Righteous Billy on the loose.
    Maximum Dog, Mar 10, 2007
  17. An update: The reason why there are no windoze patches for March is *not*
    because windoze doesn't *need* any ( It does. Popular versions of Word
    remain vulnerable to an unpatched vulnerability discovered *four weeks
    ago* that might be used to spread malware, so it's not as if there's no
    need for Microsoft to issue patches.) but it's apparently due to the
    result of the upcoming Sunday switch in some geographies to Daylight
    Savings (Summer) Time. Redmond will, however, be making its regular
    monthly update to the Microsoft Windows Malicious Software Removal Tool
    and issuing a number of non-security related high-priority updates as
    William Poaster, Mar 10, 2007
  18. Tony

    Maximum Dog Guest

    Sir Righteous Billy Poaster wrote:

    No one gives a rat's butt about Sir Righteous Billy's take on things.
    Sir Righteous Billy is no authority on anything. How did this Linux
    lunatic anoint himself as some kind of an authority on something? Sir
    Billy will do good to make himself an authority on his own little
    worthless existence.
    Maximum Dog, Mar 10, 2007
  19. Tony

    Fuzzy Logic Guest

    Which Windows (3.1,ME,NT,XP,2003)? The total number, while a metric, is for the most part irrelevant. Again it
    only takes one unpatched critical vulnerability to bring down your OS.
    We've gone in circles about patches for patches. You seem to believe that there has NEVER been more than
    one patch for any component in *nix. I supplied links showing 2 patches to the SuSE kernel in less than 3
    months. The fact is that you believe that Microsoft is incapable of doing anything right and no argument from me
    will dissuade you of this.
    If a person doesn't have the basics of computer security/maintenance no OS will protect them. Nearly all
    attacks on systems are a form of social engineering. The rest take advantage of already patched
    vulnerabilities. The OS cannot protect people from these types of attacks (open this friendly greeting card, click
    on this link to install this lovely free program). Computer savvy users generally do not fall prey to these attacks
    and know to keep their systems updated. My experience, unfortunately, is that there are a vast number of
    users who do not have even the most basic computer security skills and this is why (not because of the OS)
    their machines have malware. I stand by my argument that these users will get in trouble with any OS simply
    because they lack these basic skills.
    I'd take the one that was better maintained. The BMW may not have any oil in it because the owner didn't
    realize it needs regular maintenance.
    Fuzzy Logic, Mar 13, 2007