Site Archives ActiveX
Malware Infection Methods: Drive-by Downloads
Now that the Internet has been around for some time, users are starting to become more adept at protecting themselves from Web-based threats. Users have learned that certain parts of the Web or Web pages, like advertisements, can pose a security threat and, therefore, will avoid clicking on them. Unfortunately, the malware writers have also noticed the trend and continue to come up with new ways of distributing their malicious applications. The most popular method used for the past year is called Drive-by Downloads. The term Drive-by Download means users become infected simply by surfing an exploited Web page and are completely unaware of the malicious file download occurring in the background. Web browser exploits (such as IE, Firefox, Safari, etc.) and other third party application exploits (such as Adobe Reader, Microsoft Excel, etc.) can potentially allow remote code execution, which can lead to a malicious file download which is completely invisible to the user. Fake pop-ups that look legitimate, often cleverly masqueraded as anti-virus solutions, are also a popular method of tricking a user into either clicking on the pop-up to close it or following the instructions on the pop-up, both of which result in malicious file downloads.
December Patch Tuesday
Microsoft has released 8 new patches resolving 6 critical and 2 important vulnerabilities found in its various products. The vulnerability for the Visual Basic 6.0 ActiveX Control has publicly available exploit code, so it should be patched as soon as possible. The products with critical severity vulnerabilities include:
- GDI
- Windows Search
- Internet Explorer
- Visual Basic 6.0 Runtime Extended Files (ActiveX Controls)
- Microsoft Office Word
- Microsoft Office Excel
BlackBerry Desktop Software ActiveX Vulnerability
GSA Reference Number: AD081204-01
Simply Put: BlackBerry Desktop Software 4.2.2 through 4.7 is vulnerable to a remote system compromise because it includes a vulnerable ActiveX control from FlexNET. An ActiveX vulnerability can be exploited through Internet Explorer by a malicious website.
Microsoft Access Snapshot Viewer ActiveX Vulnerability
GSA Reference Number: AD080708-01
Simply Put: Microsoft Access included with Microsoft Office 2000 through 2003, including Office XP, is vulnerable to remote exploitation through Internet Explorer. If a user with MS Access installed browses to a malicious website, arbitrary files could be copied to the users machine. The vulnerability can be used to run malicious code on a user’s machine without notification or permission. Gladiator feels this issue is extremely critical.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007