Love them or hate them, Microsoft has come a long way in making their Windows operating systems secure, mostly by employing built-in firewalls, default security settings and auto-patching features. Despite this, Windows is still the most-targeted operating system on the part of attackers, simply because it is the most ubiquitous. Now, instead of targeting flaws in the stronger operating systems, attackers have been hammering the weaker, unpatched, third-party “helper” applications.
In the past year, hackers have exposed vulnerabilities in the following programs to insert malware on Windows systems:
- Flash Player
- Real Player
- Microsoft Office
- Acrobat Reader
- Symantec Anti-Virus
- AOL Instant Messenger
Some of these programs, like Skype, do a pretty good job keeping themselves updated. Lately, QuickTime updates so often (as new vulnerabilities are found), I am beginning to think it has nagware built in. And while Symantec’s Norton Antivirus will automatically download new signatures, it won’t upgrade itself to a better, more-secure version.
Brian Krebs at the Washington Post sounded the alarm today about attackers using the latest vulnerabilities in Acrobat Reader to install malware and urges his readers to patch immediately. Krebs reminds us that Acrobat Reader would be an easy target:
It’s an interesting target for criminals because Adobe Reader has a truly enormous install base, yet it is one of those applications that so few people even think to update regularly. According to Adobe, more than 500 million copies of Adobe Reader have been distributed worldwide on 23 platforms and in 26 languages. The product also is distributed by the top 10 PC manufacturers.
It has been a while since a blended-threat worm such as Nimda or Code Red has circulated on the internet. And with most of the critical holes in Windows actually belonging to third-party applications that are not patched as often, the risk of a new blended threat emerging has never been higher.