Five Places Where Malware Hides
Malware has to live somewhere. And while some Web filtering solutions can detect known malware hosts, most malware hides in sites that are otherwise benign.
Move over Zeus. Stuxnet is now stealing all the headlines. Not that I think Zeus is any less evil, nor is it going away. The problem is, Stuxnet is perhaps even more evil and depending on how it is targeted, can do irreparable damage to an already fragile utility infrastructure.
The concern now is whether or not Stuxnet is being taken seriously enough. An article at eWeek.com stated that:
Exploit code for one of the zero-day vulnerabilities exploited by the Stuxnet worm has made its way online. The code exploits a Windows Task Scheduler vulnerability, and can be used to escalate privileges. The exploit code was added to the Exploit Database operated by Offensive Security Nov. 20. There is no patch currently available for the flaw, though Microsoft said one is forthcoming.
When that fix is coming, however, is the question. An article at The Tech Herald reported that Microsoft only stated that a fix is coming in the near future, which could be on the next Patch Tuesday or sometime well into next year. As the folks at Help Net Security said, that wouldn't be a huge problem, except:
if it weren't for the fact that someone whose Internet handle is webDEViL hadn't released Proof-of-Concept exploit code for it.
While we could all use an out-of-band patch to plug the hole, it is doubtful that Microsoft will provide one since the flaw can be abused only if the attacker has already managed to access a limited account on the compromised system.