Here You Have Worm Leads Week of Security News
A mass-mailer worm caused agita for IT administrators and topped the past week's security news.
Dubbed the "Here you have" worm based on the subject line of a carrier e-mail that flooded inboxes around the world Sept. 9, the worm disrupted e-mail systems at a number of high-profile companies and institutions. Reminiscent of old-school attacks such as the Anna Kournikova virus, the worm infected Windows computers, terminated security software processes and services, and attempted to download malicious files.
In an analysis of the malware, Joe Stewart, director of malware research at SecureWorks, uncovered a tie between the attack and a self-proclaimed cyber-jihadist group behind a similar attack in August. The organizations affected by the worm reportedly ran the gamut from NASA to Wells Fargo and Comcast.
Attackers also set their sights on a zero-day bug affecting Adobe Reader and Acrobat. With attacks under way, Adobe Systems and Microsoft reported the latter's Enhanced Mitigation Experience Toolkit 2.0 could be used to mitigate attacks. Adobe is planning a patch to address the issue.
Microsoft also made headlines when it was reported that a magistrate judge recommended Sept. 3 that the U.S. District Court for the Eastern District of Virginia rule in the company's favor in a lawsuit filed to take down the Waledac botnet. The recommendation was to grant a default judgment that would transfer ownership of the 276 domains behind the botnet to Microsoft.
"In this case, Microsoft presented evidence to the court that although the defendants did not come forward, they were aware of the case and actively tried to retaliate, attempting to launch a distributed-denial-of-service (DDOS) attack against the law firm that filed the suit and even going so far as to threaten one of the researchers involved in the case," Microsoft said.
Microsoft is also prepping nine security bulletins for Patch Tuesday. The bulletins will be released Sept. 14, and follow an August update that covered nearly three dozen vulnerabilities in a number of products. The upcoming bulletins will address problems in Windows, Microsoft Office and Microsoft ISS (Internet Information Services), according to Microsoft.
Apple and Mozilla did some patching in the past week as well, pushing out updates to their Web browsers to address the DLL loading issue affecting applications running on Windows. Both Apple Safari and Mozilla Firefox were on the list of vulnerable applications, which researchers have said also includes Microsoft Word 2007 and Adobe Photoshop.