Tag Archives: zero day

Mark Russinovich’s ‘Zero Day’ – Fiction Or Fact?

Muslim jihadists, undetectable rootkits, replicating viruses with cloaking capabilities, inept politically motivated government departments, security application vendors driven by their own needs – all accelerating toward a nexus where economic destruction, and personal calamity, show every sign of being unavoidable.

….. and one man, with bulldog determination, who struggles to change the course of the seemingly inevitable.

An improbable scenario? Hardly!  As an Internet Security professional, I recognize the ingredients in this recipe for disaster, only too well.

Mark Russinovich, in his first solo effort, has crafted a bombshell tale of fiction in his just released novel – Zero Day; ripped out of the mishmash of disorganized chaos, and conflicting objectives, that passes for system and Internet security.

Russinovich, well known to those of us in the Internet Security community, as well as techies and high level computer users, as the mastermind behind Sysinternals, knows his stuff.

In Zero Day, Russinovich takes us on a skillfully crafted journey which relies on accuracy – no exaggerations – perhaps even understated; which is, at its core, frightening in its revelations.

The fact that the novel is fiction, doesn’t change the underlying reality – our reliance on the Internet has led us into a state where economic and personal mayhem may be just around the next corner.

As an avid reader who chows down on eight or more books a month, I could hardly wait to get my hands on Zero Day following an invitation to critique. I was not disappointed.

Zero Day is event driven, and relies on a fast pace rather than character development to capture the reader’s imagination. A great read – entertaining, and at the same time, sure to bring into question the continuing viability of the Internet as we know it.

For more information visit:  Zero Day – The Book.

Mark Russinovich is a leading expert on cyber-security and a Technical Fellow at Microsoft, Microsoft’s highest technical title.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Using Adobe Reader? – Then Watch This Video Of Your Computer Being Penetrated

There is nothing particularly unusual in Adobe Reader having an unpatched vulnerability. If you use Adobe Reader, you’re used to having to wait for Adobe to release another patch to correct another vulnerability.

Once the fix is released you’ll be safe – at least temporarily; but only until the next bug is discovered.

The latest bug in Adobe Reader, CoolType.dll, which was disclosed on September 10, won’t be patched until October 4. In the meantime, if you’re a user of this application, take a look at this YouTube video which illustrates just how easy it could be for a hacker to penetrate your computer system by exploiting this vulnerability.


A big thank you to my Blogging buddy Dan Dieterle over at Cyberarms, for putting me on to this video. Dan has tested this exploit, and confirms that it works.

For additional information, check out Dan’s article – Adobe Reader PDF 9.3.4 “Cooltype Sing” Zero Day Exploit.


Adobe Reader and Adobe Flash Player Vulnerabilities Remain Unpatched

You phone 911 to report an emergency in your home – a fire, burglary, accidental fall; I’ll let you use your imagination to expand on this list. While you’re imagining; imagine this – the 911 operator instructs you not to worry, help will arrive within a week or so.

Computer users running Adobe Flash player (versions 9 and 10), as well as Adobe Reader and Acrobat 9.1.2, are currently subject to attack by cyber-criminals capitalizing on a zero-day vulnerability, and find themselves in an analogous position.

This is an extremely serious vulnerability which could result in a successful takeover of an attack victim’s computer through remote code execution. Like the 911 operator above, Adobe’s response to this vulnerability is, don’t worry we’ll get to you, we’ll fix it – just not now.

According to Adobe:

“We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux by July 30, 2009 (the date for Flash Player v9 and v10 for Solaris is still pending). We expect to provide an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh and UNIX by July 31, 2009.”

To read the rest of Adobe’s response, check out “Security advisory for Adobe Reader, Acrobat and Flash Player”, at the Adobe site.

If you are like most computer users, you were probably only minimally interested in installing the latest updates of Adobe products since you may not have been aware of the important security patches they contain. In fact, you may not be aware of how important it is to keep all installed applications up to date, and patched.

Save yourself a lot of time and aggravation, and ensure that all your installed applications are always patched and up to date, by installing Secunia PSI, a free application which scans your PC for installed application vulnerabilities. In this case, it would have notified you of the Adobe vulnerabilities.

Without Secunia PSI installed, you leave yourself open to attacks and exploits that seem to be increasing in frequency.

Consider this from ZDNet:

Ten free security utilities you should already be using –
Number one is the Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine.

For more information on Secunia PSI please read “Play Russian Roulette – Don’t Update Your Applications”, on this site. This review of Secunia PSI includes download links.

In the meantime: Steps you can take while waiting for Adobe to issue these critical patches –

As always, be cautious when browsing untrusted websites.

Ensure your AV definitions are current.

If you are running Firefox you should be running the NoScript add-on, and you might consider installing and running the Flashblock add-on. Both offer substantial protection. This solution is not perfect however, and you may still be vulnerable.

Run all software as a non-privileged user with minimal access rights.

Frankly, I do not use, nor would I ever use, an Adobe product on any of my systems. These zero day exploits against Adobe products seem to be never ending.

To read a comprehensive technical report on this issue, check out “Heap Spraying with Actionscript – Why turning off Javascript won’t help this time”, on the FireEye Malware Intelligence Lab site.
