Multiple Zero-day Attacks Plague October 2014
As long as operating systems, applications, and software have bugs or flaws, attackers will always try to find a way to exploit them for profit. Zero-day vulnerabilities are sought out by cybercriminals because affected users are practically helpless against exploits until the vendor sends a fix.
Estimating the duration of a vulnerability window can be difficult. When a zero-day vulnerability is discovered by security researchers, proper disclosure processes are followed and the vendor is given time to address the vulnerability and release a patch. In a span of a year, we typically expect to see at least three to four zero-day vulnerabilities. However, this October alone, three zero-day vulnerabilities have already been exploited and reported.
According to findings, the Sandworm attack used a zero-day vulnerability (CVE-2014-4114) as part of a very complex attack that targeted SCADA systems. Shortly after this exploit, Microsoft released a patch. The Microsoft security update included fixes for two other zero-day vulnerabilities (CVE-2014-4148 and CVE-2014-4113), which affected the Windows kernel in most Windows versions.
Rounding out the list is the recently discovered zero-day vulnerability (CVE-2014-6352) that appears to be similar to the vulnerability used in Sandworm. In this attack, the vulnerability was exploited via malicious PowerPoint documents sent as email attachments. The latest reports suggest that this vulnerability is essentially identical to the Sandworm vulnerability, which was reportedly patched by Microsoft. The patch, however, appears to have been inadequate, as new exploits that target the same flaw have emerged.
As more zero-day attacks emerge, we strongly encourage users, system admins, and security vendors to stay updated. Refer to reliable advisories to keep tabs on the latest possible vulnerabilities and infection vectors, as well as the latest patches. Be proactive and use robust security software that can protect systems and devices from likely exploits.