Microsoft Security, DDoS Attacks and Spam Top Security News

 
 
By Brian Prince  |  Posted 2010-12-26
 
 
 

The past week in security featured a round of new security warnings from Microsoft, security research and a feud between neighbors that turned into a miniature cyber-war.

Microsoft issued an advisory Dec. 22 for a security vulnerability affecting Internet Explorer 6, 7 and 8.

According to Microsoft, the vulnerability exists due to the creation of uninitialized memory during a CSS function within Internet Explorer. Under certain conditions, it is possible for an attacker to leverage the memory to execute code remotely.

"An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site," Microsoft's advisory warns.

 In addition, there were reports of vulnerabilities impacting the Microsoft WMI Administrative Tools WMI Object Viewer ActiveX Control as well as a denial-of-service issue affecting IIS FTP 7.5.

Microsoft also dealt with a bit of fallout from a configuration error impacting users of its cloud-based Business Productivity Online Suite (BPOS). BPOS is a set of messaging and collaboration tools that includes Microsoft Exchange Online, Microsoft SharePoint Online, Microsoft Office Communications Online and Office Live Meeting. According to Microsoft, the configuration issue exposed information in customers' Offline Address Books, a feature in Exchange that permits Outlook users to access copies of e-mail addresses when users are not connected to Exchange.

"We take our responsibility to safeguard customer data very seriously, and while no customer action is required, we have notified all our Business Productivity Online Suite-Standard customers about this issue," said Clint Patterson, Microsoft's director of BPOS Communications, in a statement.

Away from the world of Microsoft, a beef between neighbors in Minnesota ended with the guilty plea of Vincent Ardolf of Blaine, Minn. He stopped his trial Dec. 17 and confessed to hacking into his neighbor's wireless Internet connection, posing as him as he fired off an e-mail threatening U.S. Vice President Joseph Biden. Ardolf also admitted that he sent sexual e-mails to the neighbor's co-workers, including one with child pornography.

When he is sentenced, Ardolf faces a maximum penalty of 20 years in prison on the child porn distribution charge; 10 years on the child porn possession charge; and five years on both the unauthorized access to a computer and threats to the vice president charges. He also faces a mandatory two-year minimum on each count of aggravated identity theft.

News surfaced during the week that attackers hit the Spamhaus Project with a distributed denial-of-service (DDoS) attack Dec.18 in an apparent retaliation for a warning it issued earlier this month about wikileaks.info, which it said was under control of a Russian hosting provider known for hosting malware and phishing attacks. A few days later, research from Harvard University highlighted how DDoS was being used as a weapon against media sites and human rights organizations.

According to the report (PDF), 280 independent media and human-rights Websites were hit with 140 attacks between September 2009 and August 2010. Since 1998, the researchers tallied reports of 329 different attacks against more than 815 sites, figures they estimate only account for a small portion of the actual attacks.

Of course, botnets aren't just used for DDoS-they also a used heavily for spam and malware attacks. But according to security researchers, this holiday season has seen something of a respite in the amount of Christmas-themed spam. M86 Security Labs told eWEEK Dec. 21 that Christmas holiday spam accounted for less than 1 percent of all the spam making the rounds on the Internet.

"Holiday/Xmas spam is a non-event this year as far as activity from major botnets is concerned," said Phil Hay, senior threat analyst at M86. "The major botnets that are left are currently spamming their usual affiliate programs in a typical way, mostly centered around drugs and replicas," he added.

According to researchers at New York University (NYU), spammers are however making use of Amazon's Mechanical Turk service in a big way. Mechanical Turk is a crowdsourcing Internet marketplace that allows programmers to coordinate the use of human intelligence tasks (HITs). In their study, the researchers reported roughly 41 percent of all HITs posted by requesters who joined the marketplace between September and October were spam.

eWEEK closed out the week with some predictions for the security landscape in 2011.

 


Rocket Fuel