Attackers seize on new zero-day flaw in Word
Posted by Daniel Fleshbourne on 16 February 2007 - 12:13 · 5 comments & 4074 views
About the Author
Full name: Daniel Fleshbourne
Forum name: Daniel
Contact: via forum PM
Submissions: Normal · Headline
Full name: Daniel Fleshbourne
Forum name: Daniel
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(3 replies)
#2 Posted by billyea on 16 Feb 2007 - 17:50
- I think the hackers have a huge list of vulnerabilities and exploits. When Microsoft fixes one, they announce a new one from their store, thus giving an impression that Office is constantly being exploited.
-
#2.1 Posted by
markjensen on 16 Feb 2007 - 20:37
- If they have compiled a listing of vulnerabilities and exploits, like you theorize, then isn't quite obvious that they already have the power to constantly exploit the software?
-
#2.2 Posted by parithon on 17 Feb 2007 - 02:15
- Quote - (markjensen said @ #2.1)If they have compiled a listing of vulnerabilities and exploits, like you theorize, then isn't quite obvious that they already have the power to constantly exploit the software?
Not really... there is no way Microsoft could possibly know all the exploits that may or may not be used by a hacker. Until the problem has been published and verified by Microsoft, they couldn't possibly know how to prevent the attack, much less prevent it in the future; if you don't know a problem exists, you'll continue using the methods you assume are working correctly. -
#2.3 Posted by markjensen on 17 Feb 2007 - 03:53
- Quote - (parithon said @ #2.2)Ummm... My comment was regarding the first comment which stated that this was staged by hackers holding back flaws they discovered to give the impression that Office was constantly flawed.Quote - (markjensen said @ #2.1)If they have compiled a listing of vulnerabilities and exploits, like you theorize, then isn't quite obvious that they already have the power to constantly exploit the software?
Not really... there is no way Microsoft could possibly know all the exploits that may or may not be used by a hacker. Until the problem has been published and verified by Microsoft, they couldn't possibly know how to prevent the attack, much less prevent it in the future; if you don't know a problem exists, you'll continue using the methods you assume are working correctly.
I made no comment about Microsoft unable or needing to patch unknown holes. That would be ridiculous.
Griesi said the status of the bugs and their patches -- most of which were being used by cybercriminals in targeted attacks -- was confusing. "Some of that is because in the time since the vulnerabilities began appearing, there were other reports on new zero-days," said Griesi. "But those were not new zero-days." Instead, Microsoft determined that in-the-wild exploits weren't working, or that the bugs being used had already been disclosed. The newest Word flaw fits the first scenario. On Feb. 9, McAfee Inc. researchers said that they had found another unpatched bug in Microsoft Word 2000. That same day, Microsoft reported that its analysis indicated the flaw could only crash the word processor. Such distributed denial of service (DDoS) vulnerabilities are considered less threatening, since they may not let the attacker run his own code on the compromised machine.