iApplianceWeb-iApplianceReview

Sponsor-Editors Sites
" iApplianceReview
" Appliance-Lab
" CyberNode Appliances
" VideoIP Services
" Energy Gateways
" Metering & Appliances
" Netcentric Community
" Techrite Associates

EETimes Sites
" EE TIMES
" EE TIMES ASIA
" EE TIMES CHINA
" EE TIMES FRANCE
" EE TIMES GERMANY
" EE TIMES KOREA
" EE TIMES TAIWAN
" EE TIMES UK

EETimes Network Sites
" CommsDesign
" iApplianceWeb.com
" Microwave Engineering
" EEdesign
" Deepchip.com
" Design & Reuse
" Embedded.com
" Embedded Edge
" Elektronik i Norden
" Planet Analog
" Silicon Strategies

" Byte
" ChannelWeb
" CMP
" CommWeb
" Com. Convergence
" CRN
" Conferences and Events
" DB2
" Dr. Dobbs Journal
" DV.Com
" EBN
" EBN China
" eeProductCenter
" Electronics Express
" Electronics Express
" Internet Week
" Network Computing
" Network Magazine
" NetSeminar Services
" QuestLink
" TechWeb
" VAR Business
" Windows Developer

Security Sentinel:

Here are your instructions...

Toni McConnel

iApplianceWeb

(1/06/06, 12:24 PM GMT)

If you use Internet Explorer, Windows Explorer, or Lotus notes, don’t do another thing until you go to http://go.microsoft.com/fwlink/?LinkId=58471 and download Microsoft’s security patch. I’m serious.

A metafile vulnerability (WMF) in the Windows Graphics Rendering Engine is such a huge hole that Microsoft has issued a security bulletin classified as “critical”—a rare event, and one to be taken seriously. F-Secure reports that so far they have seen 57 different versions of exploits that take advantage of this vulnerability.

An image picked up at a website or a popup, or opened from an email attachment can take advantage of this flaw to run embedded code to install malicious software. What had everyone so nervous about the WMF flaw is that the image containing malicious code can bypass most intrusion detection systems.

One exploit using this vulnerability, again according to F-Secure, was an email originating in South Korea that urged the recipients to open an attached MAP.WMF file. If opened, the code embedded in the image downloaded ‘backdoor’ code from www.jerrynews[dot]com. (Backdoor trojans allow an attacker access to the victim computer, and are often used to create zombie networks to distribute various kinds of malware.) A spoofed return address tried to make it appear that the email originated at a government security agency.

By this time I hope you have abandoned Internet Explorer for Firefox, Netscape, or Opera—they all have their vulnerabilities but cybercriminals favor IE as a path into your computer, mostly because it is so ubiquitous, since it is distributed with every Windows operating system, but also because IE is famous for its security flaws.

I use ZoneAlarm as my virus detection system, in spite of the fact that it is tedious to learn and use, because before a remote site is allowed to do anything on my computer, I must add it to an approved list, and even then I must approve individual functions. The Firefox browser has some of the same security functionality—it can be set to open only the images you approve.

Toni McConnel is executive editor of iApplianceWeb. Do you have comments on this column? Write to Toni TechRite-Associates.com. You know where to put the @, don’t you? If you’re smart enough to know that, how come you’re still using Internet Explorer?

For more information about topics, issues and technologies mentioned in this story go to the flashing icon in the upper left corner on this page or go to the iAppliance Web Views page and call up the associatively-linked Java/XML-based Web map of the iApplianceWeb site.

Enter the appropriate key word, product or company name to list instantly every news and product story, product review and product database entry relating to the topic since the beginning of the 2002.