Adobe, Explorer, vulnerable

Two new zero day exploits targeting Adobe Flash and Microsoft Internet Explorer have been found on the Internet. KARL SIGLER gives some advise on how companies and users can protect themselves from these vulnerabilities.

Two new zero day exploits targeting Adobe Flash and Microsoft’s Internet Explorer have been spotted in the wild, meaning criminals may have already taken advantage and planted malware on users’ computers. Although Adobe has issued an emergency patch for its vulnerability, there is no official fix from Microsoft yet.

The tactics criminals are using to exploit these vulnerabilities are not uncommon. In the case of Internet Explorer, the criminals lure users to a malicious website and then use the vulnerability to install malware on their computers. One of the most significant outcomes of the Microsoft vulnerability is that it’s the first major vulnerability in a Microsoft product since Windows XP’s end-of-life. That means it may never be fixed for XP users, which constitute a third of all Windows users. For those who use more updated Windows operating systems, a patch should be put into place as soon as it is released.

The Adobe vulnerability was being exploited in what is called a “watering hole” attack where criminals infect a legitimate website that attracts the type of victims they want. For example, an attacker might infect a popular scheduling website that he knows his victims use frequently. Users can protect themselves against Adobe exploits by simply updating their Flash Player. Users of Internet Explorer 10 or 11 or Chrome should get automatic updates for their versions of Flash just by restarting their browsers. Users of other browsers can download the update from Adobe’s website. Another way users can protect themselves against these attacks is to have more control over when Flash is used. Web browsers like Chrome and Firefox have a feature called “click to play.” This disables auto-start for all Java and Flash applications.

Until patches are released for the Internet Explorer vulnerability, there are several steps businesses and individual users can take to mitigate their risk of falling victim to an attack. These include:

Zero day vulnerabilities are extremely difficult to prevent since attackers discover the vulnerability before vendors like Microsoft or Adobe. However, implementing a multi-layer security strategy that includes updated antimalware technologies can help prevent these attacks. For business leaders, it’s critical to deploy a security awareness education program so that users can spot signs of phishing emails and potentially malicious websites. It is also always important to have an incident response plan that has been recently updated and tested. If you cannot prevent exploitation, it’s very important to be able to respond and recover from it in a timely manner.

* Karl Sigler is a threat intelligence manager at Trustwave.

* Follow Gadget on Twitter on @GadgetZA