DECEMBER 13, 2013
Your regular source of security updates from TrendLabs℠

Security for Business

Zero-Day Exploit Affects Older Versions of Windows

Cybercriminals commonly exploit software and system bugs like the recent Windows XP and Server® 2003 zero-day CVE-2013-5065 to infiltrate corporate networks. Successful exploitation allows an attacker to do the following on affected systems:

  • Delete or view confidential data
  • Install malicious programs
  • Increase accounts’ administrative privileges

Increased administrative privileges allow attackers to access more parts of compromised networks. But even more troubling, successful exploitation led to system compromise via a backdoor (BKDR_TAVDIG.GUD) infection.

This April, Microsoft announced that it will no longer support Windows XP come April 2014. Companies that still use Windows XP will become more vulnerable to exploit attacks once support for the OS officially ceases. Affected users can also lose confidential data and spend a lot on damage control or repairs.

DOWNAD: Still Prevalent After Five Years

Conficker/DOWNAD, which became known for its ability to spread quickly across networks, first emerged five years ago. Years later, it remains one of the most prevalent threats, as evidenced by its still-huge infection base.

To spread across networks, DOWNAD exploited a vulnerability (MS08-067) that was patched long ago. It also uses a technique called a “domain generation algorithm (DGA)” to produce hundreds of alternate domains to access daily.
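The DGA behaviour described above leaves a trace in DNS resolver logs: one client asking for a large number of distinct names in a day, most of which do not exist. The following detection sketch is an added example, not Trend Micro code; the log format, addresses, domains and thresholds are constructed assumptions.

```python
from collections import defaultdict

def make_sample_log():
    """Constructed resolver log lines in an assumed 'date client qname rcode' format."""
    lines = [
        "2013-12-12 10.0.0.5 www.example.com NOERROR",
        "2013-12-12 10.0.0.5 mail.example.com NOERROR",
        "2013-12-12 10.0.0.5 typo-exmaple.com NXDOMAIN",
        "2013-12-12 10.0.0.9 intranet.example.com NOERROR",
        "malformed line",
    ]
    # 10.0.0.9 behaves like a DGA client: many distinct names, nearly all failing.
    for i in range(250):
        rcode = "NOERROR" if i == 137 else "NXDOMAIN"
        lines.append(f"2013-12-12 10.0.0.9 constructed{i:03d}.example.net {rcode}")
    # Retrying one failed name 300 times must not look like 300 domains.
    lines += ["2013-12-12 10.0.0.5 Typo-Exmaple.com. NXDOMAIN"] * 300
    return lines

def parse(line):
    """Return (date, client, qname, rcode), or None for a line that does not fit."""
    parts = line.split()
    if len(parts) != 4:
        return None
    date, client, qname, rcode = parts
    return date, client, qname.lower().rstrip("."), rcode.upper()

def find_dga_suspects(lines, min_failed=100, min_fail_ratio=0.8):
    """Flag (date, client) pairs with many distinct NXDOMAIN names.

    Both thresholds are assumptions to tune against a site's own baseline.
    """
    seen, failed = defaultdict(set), defaultdict(set)
    for line in lines:
        record = parse(line)
        if record is None:
            continue
        date, client, qname, rcode = record
        seen[(date, client)].add(qname)
        if rcode == "NXDOMAIN":
            failed[(date, client)].add(qname)
    suspects = []
    for (date, client), names in sorted(failed.items()):
        ratio = len(names) / len(seen[(date, client)])
        if len(names) >= min_failed and ratio >= min_fail_ratio:
            suspects.append((date, client, len(names), round(ratio, 2)))
    return suspects

if __name__ == "__main__":
    for suspect in find_dga_suspects(make_sample_log()):
        print(suspect)
```

Counting distinct names rather than raw queries keeps a client that retries one mistyped domain out of the results.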

The Critical Role of Patching

Companies that hope to mitigate the risks that DOWNAD and similar threats pose should regularly patch their systems and servers. Although a patch is available, the DOWNAD infection count remains high, probably because updates are neglected and pirated Windows OS versions are in use. To protect your network from exploits without disrupting your business, consider virtual patching or virtual shielding.

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com
