Sunbelt Software is raising its Worldwide Threat Level to “high” in light of unpatched vulnerabilities in three widely-used applications or systems and the Defcon and Black Hat conferences in Las Vegas this week.
Internet users should:
— be sure anti-virus applications are updated and functional
— avoid opening attachments in spam emails or clicking on links in spam messages.
— be cautions opening attachments or following links in email messages from friends
— be especially cautious in web browsing if they use QuickTime Player,
— be alert for updates that are expected soon to fix serious vulnerabilities in QuickTime Player, Microsoft Windows and Cisco Industrial Ethernet 3000 series routers.
Botnet exploits have been reported for a vulnerability (CVE-2010-2568) in Microsoft Windows that allows an intruder to present a victim with a specially crafted shortcut (LNK file) that could enable the execution of arbitrary code with the privileges of the user. Also, with a certain AutoRun/AutoPlay configuration, exploitation could occur without any interaction from the user. (Microsoft Security Bulletin with workaround here: http://www.microsoft.com/technet/security/advisory/2286198.mspx)
Secunia is warning of a buffer overflow vulnerability in QuickTime Player that could enable a malicious web page to execute arbitrary code. No fix is available. (Advisory SA40729: http://secunia.com/advisories/40729/)
Cisco has issued a security advisory warning of a vulnerability in hard-coded SNMP community names in its Industrial Ethernet 3000 series switches. A fix isn’t expected until August, although workarounds are available. (Cisco bulletin here: http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml).
In addition to the above high-profile vulnerabilities, the Black Hat and Defcon security conferences are going on this week in Las Vegas. Black Hat is running yesterday and today and Defcon runs Friday through Sunday. The presentations at the two are of high interest worldwide to hackers and malicious code writers. CNet News Security blog carries good daily coverage here: http://news.cnet.com/8301-1009_3-20011938-83.html
Sunbelt’s Worldwide Threat Level with a brief description of current threats is available here.
Tom Kelchner