Attackers switching to applications, media players

Online criminals are shifting their attacks from operating systems to media players and software programs.

The story "Attackers switching to applications, media players" published November 22, 2005 at 5:08 AM is no longer available on CNET News.

Content from Reuters expires after 30 days.

[n3td3v]

"SOFTWARE PROGRAMS"

As oppose to what? Looks like some journalists need to get a clue on what they report on before they write up articles. You've made the credibility of your reporting look lame.

[albrown]

Nothing to See Here

Basically the article says that everything is under attack wrapped around some buzz words for spicing things up. This ranks as one of the top ten worst articles in terms of useful content I have read on CNET.

BTW, IE is a part of the Windows OS it must be if the manufacturer says it can't be removed.

[Christopher Hall]

Welcome to the mainstream media

Blame Reuters.

[bobby_brady]

Looks like Windows is getting harder to bust through

So now the thugs are resorting to applications.

[R. U. Sirius]

Is it me, or is this article vague?

So which applications are we talking about, other than Windows Media Player? How are these attacks being executed? What can computer users do to prevent these things from happening?

Too often these types of articles are long on scare tactics and short on details. It makes me wonder if perhaps security companies are creating these scare tactics to shore up business.

[Mr. Network]

It's more for awareness.

Being in the business, this isn't something new to me. I've personally seen this happening over the last year and a half. It is true that the major manufacturers are beginning to take security seriously. Not only are they increasing the speed at which they respond to newly found exploits, they are seriously out to get the people writing these programs that take advantage of the exploits. Between the manufacturers plugging holes more quickly and the risk of being caught and prosocuted, the only other choice for these digital terrorists (that's what they are) is to direct thier attention to other applications that in the past haven't recognized the need to write secure code. These applications do include many anti-virus, firewall, and media manufacturers, they are even learning to exploit holes in spy/mal wares.

This evolution started about a year or so ago after the blaster worm hit. That was a good example of major AV firms shutting down a wildly spreading exploit program. Since then viri and worms have been created to pack the 1-2-3 punch of exploiting, isolating, and propogating. They began with the same principle they used before in exploiting IE or Outlook Express, as soon as they got in, they modified registry entries and/or hosts files that would block the user's ability to get updates to clean the application out. Once that was complete the program could go on to find other machines to infect.

These guys are getting smarter, that includes the ability to recognize new targets as the others begin to fade. That's what this article is all about. The reason for the lack of details is the fact that the details are still vague even for the multi-billion dollar companies. Just be vigilant and check your software manufacture's site for program updates. i.e.(Adobe, Macromedia, Quickbooks, Blackice, etc, etc, etc) you never know what the next major worm will target.

Hope this clears some things up.

~Mr. Network

[VirusJTG]

Microsoft Office NOT Windows Office

If you are going to report on something get the details right!