SlideShare a Scribd company logo

New microsoft application security problem

Download as PPT, PDF
John Davis
John Davis

A zero-day attack on Microsoft XP has been discovered, emphasising the need for businesses to be using the latest software to prevent data loss. http://www.storetec.net/news-blog/new-microsoft-application-security-problem.

1 of 4
@StoretecHull www.storetec.net Facebook.com/storetec Storetec Services Limited New Microsoft Application Security Problem A zero-day attack on Microsoft XP has been discovered, emphasising the need for businesses to be using the latest software to prevent data loss. Having warned its users about the potential for such attacks at the beginning of November, Microsoft is working on the problem and has released suggestions for users that have been affected.
FireEye researchers Xiaobo Chen and Dan Caselden reported uncovering the vulnerability in one of their blog posts and have stated that the attack will only affect those using XP. They said: "The vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel.“ Dustin Childs, Microsoft Trustworthy Computing group manager for incident response communications, offered customers a temporary solution: "Delete NDProxy.sys and reroute to Null.sys. For environments with non-default, limited user privileges, Microsoft has verified that the following workaround effectively blocks the attacks that have been observed in the wild."
The attack also affects those who are using Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior. Such users are strongly advised to update to the most recent version. Users running the most recent version will not be affected by this security threat. This security scare has led to the SANS Internet Storm Centre issuing a plea for users to run the most recent version of software. It warns that this security breach is just "the tip of the iceberg" and said that no task was more urgent than to migrate to Windows 7 or 8 as soon as possible.
The final set of hotfixes for Windows XP is expected in April 2014, and therefore after that date malware authors know that their exploits will wreak havoc against an unprecedented number of XP users. Any XP users attempting to upgrade after this date will do so the software is especially vulnerable to attacks, putting the security of their data at an even higher risk. Storetec News/Blogs."http://www.storetec.net/news-blog/newmicrosoft-application-security-problem". New Microsoft application security problem. November 29, 2013. Storetec.

Recommended

CI410 vieyra macro malware
CI410 vieyra macro malwareCI410 vieyra macro malware
CI410 vieyra macro malwareMatt Vieyra
 
Your Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeYour Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
 
Cyber threads and its types
Cyber threads and its typesCyber threads and its types
Cyber threads and its typesSUNODH GARLAPATI
 
Technical guidance to prevent wanna cry ransomware attack
Technical guidance to prevent wanna cry ransomware attackTechnical guidance to prevent wanna cry ransomware attack
Technical guidance to prevent wanna cry ransomware attackAvanzo net
 
How to Rapidly Identify Assets at Risk to WannaCry Ransomware
How to Rapidly Identify Assets at Risk to WannaCry RansomwareHow to Rapidly Identify Assets at Risk to WannaCry Ransomware
How to Rapidly Identify Assets at Risk to WannaCry RansomwareQualys
 
Metaploit
MetaploitMetaploit
Metaploitalexngchunkiat
 
Using security to drive chaos engineering - April 2018
Using security to drive chaos engineering - April 2018Using security to drive chaos engineering - April 2018
Using security to drive chaos engineering - April 2018Dinis Cruz
 
2015 Microsoft Vulnerabilities Report
2015 Microsoft Vulnerabilities Report 2015 Microsoft Vulnerabilities Report
2015 Microsoft Vulnerabilities Report Avecto
 

Recommended

CI410 vieyra macro malware
CI410 vieyra macro malwareCI410 vieyra macro malware
CI410 vieyra macro malwareMatt Vieyra
 
Your Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeYour Guide to tackle the Ransomware threat "WannaCry" | Sysfore
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
 
Cyber threads and its types
Cyber threads and its typesCyber threads and its types
Cyber threads and its typesSUNODH GARLAPATI
 
Technical guidance to prevent wanna cry ransomware attack
Technical guidance to prevent wanna cry ransomware attackTechnical guidance to prevent wanna cry ransomware attack
Technical guidance to prevent wanna cry ransomware attackAvanzo net
 
How to Rapidly Identify Assets at Risk to WannaCry Ransomware
How to Rapidly Identify Assets at Risk to WannaCry RansomwareHow to Rapidly Identify Assets at Risk to WannaCry Ransomware
How to Rapidly Identify Assets at Risk to WannaCry RansomwareQualys
 
Metaploit
MetaploitMetaploit
Metaploitalexngchunkiat
 
Using security to drive chaos engineering - April 2018
Using security to drive chaos engineering - April 2018Using security to drive chaos engineering - April 2018
Using security to drive chaos engineering - April 2018Dinis Cruz
 
2015 Microsoft Vulnerabilities Report
2015 Microsoft Vulnerabilities Report 2015 Microsoft Vulnerabilities Report
2015 Microsoft Vulnerabilities Report Avecto
 
Week5
Week5Week5
Week5s1160153
 
Venka sure Antivirus+Internet Security
Venka sure Antivirus+Internet SecurityVenka sure Antivirus+Internet Security
Venka sure Antivirus+Internet SecurityVenkasys Technologies Pvt. Ltd.
 
Five Reasons to Look Beyond Math-based Next-Gen Antivirus
Five Reasons to Look Beyond Math-based Next-Gen AntivirusFive Reasons to Look Beyond Math-based Next-Gen Antivirus
Five Reasons to Look Beyond Math-based Next-Gen AntivirusSarah Vanier
 
Punto 16
Punto 16Punto 16
Punto 16Laura Gálvez
 
Punto 16
Punto 16Punto 16
Punto 16Laura Gálvez
 
The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackThe Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackPrathan Phongthiproek
 
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )Neeraj Bhandari
 
Guarding Against Virus - R.D.Sivakumar
Guarding Against Virus - R.D.SivakumarGuarding Against Virus - R.D.Sivakumar
Guarding Against Virus - R.D.SivakumarSivakumar R D .
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareQuick Heal Technologies Ltd.
 
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Jacob Tranter
 
Virus examples
Virus examplesVirus examples
Virus examplesargusacademy
 
10 security enhancements
10 security enhancements10 security enhancements
10 security enhancementsVishal Gurujuwada
 
How to protect your business from Wannacry Ransomware
How to protect your business from Wannacry RansomwareHow to protect your business from Wannacry Ransomware
How to protect your business from Wannacry RansomwareKaspersky
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareTeodoro Cipresso
 
Elastic Security: Enterprise Protection Built on the Elastic Stack
Elastic Security: Enterprise Protection Built on the Elastic StackElastic Security: Enterprise Protection Built on the Elastic Stack
Elastic Security: Enterprise Protection Built on the Elastic StackElasticsearch
 
Te chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityTe chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityKartik Rao
 
A Hacker's perspective on ransomware
A Hacker's perspective on ransomwareA Hacker's perspective on ransomware
A Hacker's perspective on ransomwareAvecto
 
SentinelOne Buyers Guide
SentinelOne Buyers GuideSentinelOne Buyers Guide
SentinelOne Buyers GuideExclusive Networks ME
 
Bash software bug could be bigger threat than heartbleed, experts warn
Bash software bug could be bigger threat than heartbleed, experts warnBash software bug could be bigger threat than heartbleed, experts warn
Bash software bug could be bigger threat than heartbleed, experts warnMichael Holt
 
Computer viruses and anti viruses
Computer viruses and anti virusesComputer viruses and anti viruses
Computer viruses and anti virusesMohit Jaiswal
 
Uk risks falling behind others in cloud adoption due to data security concerns
Uk risks falling behind others in cloud adoption due to data security concernsUk risks falling behind others in cloud adoption due to data security concerns
Uk risks falling behind others in cloud adoption due to data security concernsJohn Davis
 
Diapositiva jose Castañeda_401596_18
Diapositiva jose Castañeda_401596_18Diapositiva jose Castañeda_401596_18
Diapositiva jose Castañeda_401596_18jwcas
 

More Related Content

What's hot

Five Reasons to Look Beyond Math-based Next-Gen Antivirus
Five Reasons to Look Beyond Math-based Next-Gen AntivirusFive Reasons to Look Beyond Math-based Next-Gen Antivirus
Five Reasons to Look Beyond Math-based Next-Gen AntivirusSarah Vanier
 
The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackThe Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackPrathan Phongthiproek
 
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )Neeraj Bhandari
 
Guarding Against Virus - R.D.Sivakumar
Guarding Against Virus - R.D.SivakumarGuarding Against Virus - R.D.Sivakumar
Guarding Against Virus - R.D.SivakumarSivakumar R D .
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareQuick Heal Technologies Ltd.
 
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Jacob Tranter
 
How to protect your business from Wannacry Ransomware
How to protect your business from Wannacry RansomwareHow to protect your business from Wannacry Ransomware
How to protect your business from Wannacry RansomwareKaspersky
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareTeodoro Cipresso
 
Elastic Security: Enterprise Protection Built on the Elastic Stack
Elastic Security: Enterprise Protection Built on the Elastic StackElastic Security: Enterprise Protection Built on the Elastic Stack
Elastic Security: Enterprise Protection Built on the Elastic StackElasticsearch
 
Te chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityTe chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityKartik Rao
 
A Hacker's perspective on ransomware
A Hacker's perspective on ransomwareA Hacker's perspective on ransomware
A Hacker's perspective on ransomwareAvecto
 
Bash software bug could be bigger threat than heartbleed, experts warn
Bash software bug could be bigger threat than heartbleed, experts warnBash software bug could be bigger threat than heartbleed, experts warn
Bash software bug could be bigger threat than heartbleed, experts warnMichael Holt
 
Computer viruses and anti viruses
Computer viruses and anti virusesComputer viruses and anti viruses
Computer viruses and anti virusesMohit Jaiswal
 

What's hot (20)

Week5
Week5Week5
Week5
 
Venka sure Antivirus+Internet Security
Venka sure Antivirus+Internet SecurityVenka sure Antivirus+Internet Security
Venka sure Antivirus+Internet Security
 
Five Reasons to Look Beyond Math-based Next-Gen Antivirus
Five Reasons to Look Beyond Math-based Next-Gen AntivirusFive Reasons to Look Beyond Math-based Next-Gen Antivirus
Five Reasons to Look Beyond Math-based Next-Gen Antivirus
 
Punto 16
Punto 16Punto 16
Punto 16
 
Punto 16
Punto 16Punto 16
Punto 16
 
The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackThe Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) Attack
 
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
Computer Virus by Neeraj Bhandari ( Surkhet.Nepal )
 
Guarding Against Virus - R.D.Sivakumar
Guarding Against Virus - R.D.SivakumarGuarding Against Virus - R.D.Sivakumar
Guarding Against Virus - R.D.Sivakumar
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry Ransomware
 
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
 
Virus examples
Virus examplesVirus examples
Virus examples
 
10 security enhancements
10 security enhancements10 security enhancements
10 security enhancements
 
How to protect your business from Wannacry Ransomware
How to protect your business from Wannacry RansomwareHow to protect your business from Wannacry Ransomware
How to protect your business from Wannacry Ransomware
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting Malware
 
Elastic Security: Enterprise Protection Built on the Elastic Stack
Elastic Security: Enterprise Protection Built on the Elastic StackElastic Security: Enterprise Protection Built on the Elastic Stack
Elastic Security: Enterprise Protection Built on the Elastic Stack
 
Te chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityTe chnical presentation networkexploits and security
Te chnical presentation networkexploits and security
 
A Hacker's perspective on ransomware
A Hacker's perspective on ransomwareA Hacker's perspective on ransomware
A Hacker's perspective on ransomware
 
SentinelOne Buyers Guide
SentinelOne Buyers GuideSentinelOne Buyers Guide
SentinelOne Buyers Guide
 
Bash software bug could be bigger threat than heartbleed, experts warn
Bash software bug could be bigger threat than heartbleed, experts warnBash software bug could be bigger threat than heartbleed, experts warn
Bash software bug could be bigger threat than heartbleed, experts warn
 
Computer viruses and anti viruses
Computer viruses and anti virusesComputer viruses and anti viruses
Computer viruses and anti viruses
 

Viewers also liked

Uk risks falling behind others in cloud adoption due to data security concerns
Uk risks falling behind others in cloud adoption due to data security concernsUk risks falling behind others in cloud adoption due to data security concerns
Uk risks falling behind others in cloud adoption due to data security concernsJohn Davis
 
Diapositiva jose Castañeda_401596_18
Diapositiva jose Castañeda_401596_18Diapositiva jose Castañeda_401596_18
Diapositiva jose Castañeda_401596_18jwcas
 
Trabajo final Legislación de telecomuncaciones
Trabajo final Legislación de telecomuncacionesTrabajo final Legislación de telecomuncaciones
Trabajo final Legislación de telecomuncacionesJonathan Lopez Moreno
 
Vocabulary Project
Vocabulary ProjectVocabulary Project
Vocabulary Projectjuanjosepm7
 
презентация Microsoft office power point
презентация Microsoft office power pointпрезентация Microsoft office power point
презентация Microsoft office power pointwww.mskh.am
 
Term Store Navigation
Term Store NavigationTerm Store Navigation
Term Store NavigationEric Lytle
 
Παρουσιάζοντας την πόλη μου Τρίπολη
Παρουσιάζοντας την πόλη μου ΤρίποληΠαρουσιάζοντας την πόλη μου Τρίπολη
Παρουσιάζοντας την πόλη μου Τρίπολη3gymtrip
 
CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa
CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa
CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa Esteban Aguirre Espinosa
 
control presupuestario
control presupuestario control presupuestario
control presupuestario uts saia
 
COLÒNIES AL CICLE INICIAL
COLÒNIES AL CICLE INICIALCOLÒNIES AL CICLE INICIAL
COLÒNIES AL CICLE INICIALnafi7
 
Task 5 fact file
Task 5 fact fileTask 5 fact file
Task 5 fact filekannkarry
 
Plan de estudios tercero miguel r diana g
Plan de estudios tercero miguel r diana gPlan de estudios tercero miguel r diana g
Plan de estudios tercero miguel r diana gMiguel Retamozo
 
Chris Deonanan-Co-Curricular Record
Chris Deonanan-Co-Curricular RecordChris Deonanan-Co-Curricular Record
Chris Deonanan-Co-Curricular RecordChris Deonanan
 
TRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATION
TRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATIONTRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATION
TRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATIONDavid K. Hale, Ph.D.
 

Viewers also liked (20)

Uk risks falling behind others in cloud adoption due to data security concerns
Uk risks falling behind others in cloud adoption due to data security concernsUk risks falling behind others in cloud adoption due to data security concerns
Uk risks falling behind others in cloud adoption due to data security concerns
 
Diapositiva jose Castañeda_401596_18
Diapositiva jose Castañeda_401596_18Diapositiva jose Castañeda_401596_18
Diapositiva jose Castañeda_401596_18
 
Trabajo final Legislación de telecomuncaciones
Trabajo final Legislación de telecomuncacionesTrabajo final Legislación de telecomuncaciones
Trabajo final Legislación de telecomuncaciones
 
1111
11111111
1111
 
Vocabulary Project
Vocabulary ProjectVocabulary Project
Vocabulary Project
 
презентация Microsoft office power point
презентация Microsoft office power pointпрезентация Microsoft office power point
презентация Microsoft office power point
 
Term Store Navigation
Term Store NavigationTerm Store Navigation
Term Store Navigation
 
latihan 1
latihan 1latihan 1
latihan 1
 
Παρουσιάζοντας την πόλη μου Τρίπολη
Παρουσιάζοντας την πόλη μου ΤρίποληΠαρουσιάζοντας την πόλη μου Τρίπολη
Παρουσιάζοντας την πόλη μου Τρίπολη
 
CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa
CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa
CONSTITUCION S.A.S. Juan Esteban Aguirre Espinosa
 
control presupuestario
control presupuestario control presupuestario
control presupuestario
 
COLÒNIES AL CICLE INICIAL
COLÒNIES AL CICLE INICIALCOLÒNIES AL CICLE INICIAL
COLÒNIES AL CICLE INICIAL
 
Task 5 fact file
Task 5 fact fileTask 5 fact file
Task 5 fact file
 
Palmarès 2013 v3
Palmarès 2013 v3Palmarès 2013 v3
Palmarès 2013 v3
 
Lunares
LunaresLunares
Lunares
 
Plan de estudios tercero miguel r diana g
Plan de estudios tercero miguel r diana gPlan de estudios tercero miguel r diana g
Plan de estudios tercero miguel r diana g
 
Chris Deonanan-Co-Curricular Record
Chris Deonanan-Co-Curricular RecordChris Deonanan-Co-Curricular Record
Chris Deonanan-Co-Curricular Record
 
Saat behne
Saat behneSaat behne
Saat behne
 
Kespro sik
Kespro sikKespro sik
Kespro sik
 
TRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATION
TRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATIONTRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATION
TRAFFIC PERFORMANCE ANALYSIS OF DYNAMIC MERGE CONTROL USING MICRO-SIMULATION
 

Similar to New microsoft application security problem

Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a FlashWeb Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a FlashTrend Micro
 
Attack of the killer virus!
Attack of the killer virus!Attack of the killer virus!
Attack of the killer virus!UltraUploader
 
Turning the Tables on Cyber Attacks
Turning the Tables on Cyber AttacksTurning the Tables on Cyber Attacks
Turning the Tables on Cyber Attacks- Mark - Fullbright
 
Patch Tuesday Analysis - January 2017
Patch Tuesday Analysis - January 2017 Patch Tuesday Analysis - January 2017
Patch Tuesday Analysis - January 2017 Ivanti
 
January2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikJanuary2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikLANDESK
 
Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0mobileironmarketing
 
Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016Ivanti
 
Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016Ivanti
 
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxRunning head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxtodd521
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday AnalysisIvanti
 
WannaCry Ransomware Attack
WannaCry Ransomware AttackWannaCry Ransomware Attack
WannaCry Ransomware AttackShehryar Khan
 
Case study cybersecurity industry birth and growth
Case study cybersecurity industry birth and growth Case study cybersecurity industry birth and growth
Case study cybersecurity industry birth and growth Mamoon Ismail Khalid
 
Patch Tuesday Analysis - October 2016
Patch Tuesday Analysis - October 2016Patch Tuesday Analysis - October 2016
Patch Tuesday Analysis - October 2016Ivanti
 
October2016 patchtuesdayshavlik
October2016 patchtuesdayshavlikOctober2016 patchtuesdayshavlik
October2016 patchtuesdayshavlikLANDESK
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Roen Branham
 
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...ESET Middle East
 

Similar to New microsoft application security problem (20)

Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a FlashWeb Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
 
Attack of the killer virus!
Attack of the killer virus!Attack of the killer virus!
Attack of the killer virus!
 
Turning the Tables on Cyber Attacks
Turning the Tables on Cyber AttacksTurning the Tables on Cyber Attacks
Turning the Tables on Cyber Attacks
 
Patch Tuesday Analysis - January 2017
Patch Tuesday Analysis - January 2017 Patch Tuesday Analysis - January 2017
Patch Tuesday Analysis - January 2017
 
January2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikJanuary2017 patchtuesdayshavlik
January2017 patchtuesdayshavlik
 
Computer
ComputerComputer
Computer
 
Escan advisory wannacry ransomware
Escan advisory wannacry ransomwareEscan advisory wannacry ransomware
Escan advisory wannacry ransomware
 
Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0
 
Conficker
ConfickerConficker
Conficker
 
Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016Patch Tuesday Analysis - April 2016
Patch Tuesday Analysis - April 2016
 
Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016
 
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxRunning head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
 
November Patch Tuesday Analysis
November Patch Tuesday AnalysisNovember Patch Tuesday Analysis
November Patch Tuesday Analysis
 
WannaCry Ransomware Attack
WannaCry Ransomware AttackWannaCry Ransomware Attack
WannaCry Ransomware Attack
 
Case study cybersecurity industry birth and growth
Case study cybersecurity industry birth and growth Case study cybersecurity industry birth and growth
Case study cybersecurity industry birth and growth
 
Patch Tuesday Analysis - October 2016
Patch Tuesday Analysis - October 2016Patch Tuesday Analysis - October 2016
Patch Tuesday Analysis - October 2016
 
October2016 patchtuesdayshavlik
October2016 patchtuesdayshavlikOctober2016 patchtuesdayshavlik
October2016 patchtuesdayshavlik
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021
 
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
 
Group1 First Periodical Exam
Group1 First Periodical ExamGroup1 First Periodical Exam
Group1 First Periodical Exam
 

More from John Davis

Norfolk County Council Announces Cloud-based Storage Network
Norfolk County Council Announces Cloud-based Storage Network Norfolk County Council Announces Cloud-based Storage Network
Norfolk County Council Announces Cloud-based Storage Network John Davis
 
Data protection rules could cost firms £75k a year
Data protection rules could cost firms £75k a yearData protection rules could cost firms £75k a year
Data protection rules could cost firms £75k a yearJohn Davis
 
App Developers Urged to Take Greater Care in Accessing Data
App Developers Urged to Take Greater Care in Accessing DataApp Developers Urged to Take Greater Care in Accessing Data
App Developers Urged to Take Greater Care in Accessing DataJohn Davis
 
Uk banks targeted in cyber attacks
Uk banks targeted in cyber attacksUk banks targeted in cyber attacks
Uk banks targeted in cyber attacksJohn Davis
 
Glasgow tragedy shows need for disaster recovery
Glasgow tragedy shows need for disaster recoveryGlasgow tragedy shows need for disaster recovery
Glasgow tragedy shows need for disaster recoveryJohn Davis
 
Burglary figures may highlight byod data risk
Burglary figures may highlight byod data riskBurglary figures may highlight byod data risk
Burglary figures may highlight byod data riskJohn Davis
 
Choose Your Own Device ‘To Replace Bring Your Own Device’
Choose Your Own Device ‘To Replace Bring Your Own Device’Choose Your Own Device ‘To Replace Bring Your Own Device’
Choose Your Own Device ‘To Replace Bring Your Own Device’John Davis
 
Improve your security, minister tells major firms
Improve your security, minister tells major firmsImprove your security, minister tells major firms
Improve your security, minister tells major firmsJohn Davis
 
Paperless self assessment ‘a step closer’
Paperless self assessment ‘a step closer’Paperless self assessment ‘a step closer’
Paperless self assessment ‘a step closer’John Davis
 
Bitcoin data loss set to cost over £4 million
Bitcoin data loss set to cost over £4 millionBitcoin data loss set to cost over £4 million
Bitcoin data loss set to cost over £4 millionJohn Davis
 
Tesco data centre consolidation ‘nearing completion’
Tesco data centre consolidation ‘nearing completion’Tesco data centre consolidation ‘nearing completion’
Tesco data centre consolidation ‘nearing completion’John Davis
 
Colonial files ‘burned to keep secrets’
Colonial files ‘burned to keep secrets’Colonial files ‘burned to keep secrets’
Colonial files ‘burned to keep secrets’John Davis
 
Data security breach may embarrass fa
Data security breach may embarrass faData security breach may embarrass fa
Data security breach may embarrass faJohn Davis
 
Companies warned over new nsa malware allegations
Companies warned over new nsa malware allegationsCompanies warned over new nsa malware allegations
Companies warned over new nsa malware allegationsJohn Davis
 
Banks ‘falling s short on data protection’
Banks ‘falling s short on data protection’Banks ‘falling s short on data protection’
Banks ‘falling s short on data protection’John Davis
 
Data centres getting greener, say experts
Data centres getting greener, say expertsData centres getting greener, say experts
Data centres getting greener, say expertsJohn Davis
 
Data protection may be sidelined as eu and us talk trade
Data protection may be sidelined as eu and us talk tradeData protection may be sidelined as eu and us talk trade
Data protection may be sidelined as eu and us talk tradeJohn Davis
 
Microsoft warns of potential attacks
Microsoft warns of potential attacksMicrosoft warns of potential attacks
Microsoft warns of potential attacksJohn Davis
 
It spending set for rise after 2013 dip
It spending set for rise after 2013 dipIt spending set for rise after 2013 dip
It spending set for rise after 2013 dipJohn Davis
 
Ico underlines importance of encryption after data loss
Ico underlines importance of encryption after data lossIco underlines importance of encryption after data loss
Ico underlines importance of encryption after data lossJohn Davis
 

More from John Davis (20)

Norfolk County Council Announces Cloud-based Storage Network
Norfolk County Council Announces Cloud-based Storage Network Norfolk County Council Announces Cloud-based Storage Network
Norfolk County Council Announces Cloud-based Storage Network
 
Data protection rules could cost firms £75k a year
Data protection rules could cost firms £75k a yearData protection rules could cost firms £75k a year
Data protection rules could cost firms £75k a year
 
App Developers Urged to Take Greater Care in Accessing Data
App Developers Urged to Take Greater Care in Accessing DataApp Developers Urged to Take Greater Care in Accessing Data
App Developers Urged to Take Greater Care in Accessing Data
 
Uk banks targeted in cyber attacks
Uk banks targeted in cyber attacksUk banks targeted in cyber attacks
Uk banks targeted in cyber attacks
 
Glasgow tragedy shows need for disaster recovery
Glasgow tragedy shows need for disaster recoveryGlasgow tragedy shows need for disaster recovery
Glasgow tragedy shows need for disaster recovery
 
Burglary figures may highlight byod data risk
Burglary figures may highlight byod data riskBurglary figures may highlight byod data risk
Burglary figures may highlight byod data risk
 
Choose Your Own Device ‘To Replace Bring Your Own Device’
Choose Your Own Device ‘To Replace Bring Your Own Device’Choose Your Own Device ‘To Replace Bring Your Own Device’
Choose Your Own Device ‘To Replace Bring Your Own Device’
 
Improve your security, minister tells major firms
Improve your security, minister tells major firmsImprove your security, minister tells major firms
Improve your security, minister tells major firms
 
Paperless self assessment ‘a step closer’
Paperless self assessment ‘a step closer’Paperless self assessment ‘a step closer’
Paperless self assessment ‘a step closer’
 
Bitcoin data loss set to cost over £4 million
Bitcoin data loss set to cost over £4 millionBitcoin data loss set to cost over £4 million
Bitcoin data loss set to cost over £4 million
 
Tesco data centre consolidation ‘nearing completion’
Tesco data centre consolidation ‘nearing completion’Tesco data centre consolidation ‘nearing completion’
Tesco data centre consolidation ‘nearing completion’
 
Colonial files ‘burned to keep secrets’
Colonial files ‘burned to keep secrets’Colonial files ‘burned to keep secrets’
Colonial files ‘burned to keep secrets’
 
Data security breach may embarrass fa
Data security breach may embarrass faData security breach may embarrass fa
Data security breach may embarrass fa
 
Companies warned over new nsa malware allegations
Companies warned over new nsa malware allegationsCompanies warned over new nsa malware allegations
Companies warned over new nsa malware allegations
 
Banks ‘falling s short on data protection’
Banks ‘falling s short on data protection’Banks ‘falling s short on data protection’
Banks ‘falling s short on data protection’
 
Data centres getting greener, say experts
Data centres getting greener, say expertsData centres getting greener, say experts
Data centres getting greener, say experts
 
Data protection may be sidelined as eu and us talk trade
Data protection may be sidelined as eu and us talk tradeData protection may be sidelined as eu and us talk trade
Data protection may be sidelined as eu and us talk trade
 
Microsoft warns of potential attacks
Microsoft warns of potential attacksMicrosoft warns of potential attacks
Microsoft warns of potential attacks
 
It spending set for rise after 2013 dip
It spending set for rise after 2013 dipIt spending set for rise after 2013 dip
It spending set for rise after 2013 dip
 
Ico underlines importance of encryption after data loss
Ico underlines importance of encryption after data lossIco underlines importance of encryption after data loss
Ico underlines importance of encryption after data loss
 

New microsoft application security problem

  • 1. @StoretecHull www.storetec.net Facebook.com/storetec Storetec Services Limited New Microsoft Application Security Problem A zero-day attack on Microsoft XP has been discovered, emphasising the need for businesses to be using the latest software to prevent data loss. Having warned its users about the potential for such attacks at the beginning of November, Microsoft is working on the problem and has released suggestions for users that have been affected.
  • 2. FireEye researchers Xiaobo Chen and Dan Caselden reported uncovering the vulnerability in one of their blog posts and have stated that the attack will only affect those using XP. They said: "The vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel.“ Dustin Childs, Microsoft Trustworthy Computing group manager for incident response communications, offered customers a temporary solution: "Delete NDProxy.sys and reroute to Null.sys. For environments with non-default, limited user privileges, Microsoft has verified that the following workaround effectively blocks the attacks that have been observed in the wild."
  • 3. The attack also affects those who are using Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior. Such users are strongly advised to update to the most recent version. Users running the most recent version will not be affected by this security threat. This security scare has led to the SANS Internet Storm Centre issuing a plea for users to run the most recent version of software. It warns that this security breach is just "the tip of the iceberg" and said that no task was more urgent than to migrate to Windows 7 or 8 as soon as possible.
  • 4. The final set of hotfixes for Windows XP is expected in April 2014, and therefore after that date malware authors know that their exploits will wreak havoc against an unprecedented number of XP users. Any XP users attempting to upgrade after this date will do so the software is especially vulnerable to attacks, putting the security of their data at an even higher risk. Storetec News/Blogs."http://www.storetec.net/news-blog/newmicrosoft-application-security-problem". New Microsoft application security problem. November 29, 2013. Storetec.