
World’s Deadliest Computer Exploits Rated by Security Experts



Criminal hackers continue to penetrate many more company networks than most administrators care to admit, according to two security experts who offered a list of the most effective exploits used to gain entry…




The Federal Bureau of Investigation (FBI) has been using software it calls CIPAV (Computer and Internet Protocol Address Verifier) for nearly a decade, according to Freedom of Information Act (FOIA) documents obtained by Wired Magazine.

Agents lure the target, usually someone who’s concealing his Internet Protocol (IP) address to mask his identity, into clicking on a certain Web site, which infects his machine with the CIPAV software. The software’s primary utility appears to be in tracking down suspects that use proxy servers or anonymizing websites to cover their tracks.

The CIPAV will be deployed through an electronic messaging program from an account controlled by the FBI. The computers sending and receiving the CIPAV data will be machines controlled by the FBI. The electronic message deploying the CIPAV will only be directed to the administrator(s) of the “*********” account.

CIPAV then “phones home” to tell the FBI the target’s IP address, operating system and serial number, installed software, list of recently visited Web sites, registered name and a whole lot of other stuff that’s whited out in the documents.


There are many exploits (unpatched software holes) to choose from
There’s an old hole — patched early last year — in the way Windows renders WMF (Windows Metafile) images. Cyber crooks are still using it to install keyloggers, adware and spyware on vulnerable machines. Last year it even popped up in an attack on MySpace users delivered through an ad banner. Then there is the newer exploit – the Windows animated cursor vulnerability, which was discovered being exploited by Chinese hackers in March 2007. There are also holes in Apple’s QuickTime browser plug-in — fixing it means downloading and reinstalling QuickTime. Like the animated cursor hole, some of the QuickTime vulnerabilities allow an attacker to gain complete control of a machine remotely. “They might have embedded something in a QuickTime movie – January 2007.

“A remote vulnerability exists as of April 25th 2009 in the QuickTime player for Windows XP and Vista (latest service packs),” said company founder Petko D. Petkov in a blog post. “An attacker could exploit the vulnerability by constructing a specially crafted QuickTime supported media file that allows remote code execution if a user visited a malicious Web site, opened a specially crafted attachment in e-mail, or opened a maliciously crafted media file from the desktop.”


2009

| ID | Title | Release Date |
|---|---|---|
| SA09-104A | Microsoft Updates for Multiple Vulnerabilities | April 14, 2009 |
| SA09-088A | Conficker Worm Targets Microsoft Windows Systems | March 29, 2009 |
| SA09-069A | Microsoft Updates for Multiple Vulnerabilities | March 10, 2009 |
| SA09-051A | Adobe Acrobat and Reader Vulnerability | February 20, 2009 |
| SA09-041A | Microsoft Updates for Multiple Vulnerabilities | February 10, 2009 |
| SA09-022A | Apple QuickTime Updates for Multiple Vulnerabilities | January 22, 2009 |
| SA09-013A | Microsoft Updates for Multiple Vulnerabilities | January 13, 2009 |

2008

| ID | Title | Release Date |
|---|---|---|
| SA08-352A | Microsoft Internet Explorer Data Binding Vulnerability | December 17, 2008 |
| SA08-350A | Apple Updates for Multiple Vulnerabilities | December 15, 2008 |
| SA08-344A | Microsoft Updates for Multiple Vulnerabilities | December 9, 2008 |
| SA08-340A | Sun Java Updates for Multiple Vulnerabilities | December 5, 2008 |
| SA08-319A | Mozilla Updates for Multiple Vulnerabilities | November 14, 2008 |
| SA08-316A | Microsoft Updates for Multiple Vulnerabilities | November 11, 2008 |
| SA08-309A | Adobe Reader and Acrobat Vulnerabilities | November 4, 2008 |
| SA08-297A | Microsoft Windows Server Service Vulnerability | October 23, 2008 |
| SA08-288A | Microsoft Updates for Multiple Vulnerabilities | October 14, 2008 |
| SA08-260A | Apple Updates for Multiple Vulnerabilities | September 16, 2008 |
| SA08-253A | Microsoft Updates for Multiple Vulnerabilities | September 9, 2008 |
| SA08-225A | Microsoft Updates for Multiple Vulnerabilities | August 12, 2008 |
| SA08-193A | Sun Updates for Multiple Vulnerabilities | July 11, 2008 |
| SA08-190A | Microsoft Updates for Multiple Vulnerabilities | July 8, 2008 |
| SA08-162C | Apple QuickTime Updates for Multiple Vulnerabilities | June 10, 2008 |
| SA08-162B | Microsoft Updates for Multiple Vulnerabilities | June 10, 2008 |
| SA08-150A | Apple Updates for Multiple Vulnerabilities | May 29, 2008 |
| SA08-149A | Exploitation of Adobe Flash Vulnerability | May 28, 2008 |
| SA08-134A | Microsoft Updates for Multiple Vulnerabilities | May 13, 2008 |
| SA08-100A | Adobe Updates for Multiple Vulnerabilities | April 9, 2008 |
| SA08-099A | Microsoft Updates for Multiple Vulnerabilities | April 8, 2008 |
| SA08-094A | Apple QuickTime Updates for Multiple Vulnerabilities | April 3, 2008 |
| SA08-087A | Mozilla Updates for Multiple Vulnerabilities | March 27, 2008 |
| SA08-079A | Apple Updates for Multiple Vulnerabilities | March 19, 2008 |
| SA08-071A | Microsoft Updates for Multiple Vulnerabilities | March 11, 2008 |
| SA08-066A | Sun Updates for Multiple Vulnerabilities in Java | March 6, 2008 |
| SA08-043C | Microsoft Updates for Multiple Vulnerabilities | February 12, 2008 |
| SA08-043B | Apple Updates for Multiple Vulnerabilities | February 12, 2008 |
| SA08-043A | Adobe Reader and Acrobat Vulnerabilities | February 12, 2008 |
| SA08-016A | Apple QuickTime Updates for Multiple Vulnerabilities | January 16, 2008 |
| SA08-008A | Microsoft Updates for Multiple Vulnerabilities | January 8, 2008 |


Get vulnerability & exploit ALERTS sent to your email from the National Cyber Alert System here!

Get vulnerability & exploit ALERTS in your newsreader from @RISK: The Consensus Security Alert

The FBI released 152 heavily redacted pages in response to Threat Level’s FOIA request, and withheld another 623.

Update: The FOIA documents are now available for download here

Now for the world’s deadliest exploits…

View entire article here
