Adobe Flash ZeroDay Exploit in the wild

I often tell people who are looking for a cheap computer that there are numerous costs beyond the purchase price to consider.

This week on 3 separate occasions this point has popped its head up.

Episode 1: A woman asked me for a recommendation for a new computer – she is an octogenarian who uses it only once or twice a year, when she can’t use her Kindle to make travel arrangements.  She was unaware that she could go to websites on her Kindle Fire and make flight reservations there.  Instead of showing her an array of computer options, I showed her how to navigate on her tablet.  She breathed a sigh of relief that she would not have to learn a new computer operating system (her old computer was still running XP).

Episode 2: A gentleman I helped purchase a Mac mini about 3 years ago called with a problem that AppleCare had tried to help him fix but couldn’t.  In the interest of saving money at purchase time, we had gotten an inexpensive monitor from CompUSA to pair with his Mac mini.  On hearing him describe his symptoms, I knew the solution was to change the input on the monitor, but he had no idea where the button for that was, and without being in front of it I had no idea where to hunt for it.  He asked why he got that monitor and not an Apple one, and I reminded him that he (or rather his daughter) didn’t want to spend as much as an Apple monitor would cost.

Episode 3: A coworker recently moved to an iMac and was wondering how she was going to be able to back up her computer – a matter of 3 clicks later, Time Machine was enabled, and she was impressed to learn that it would keep hourly backups, so if she accidentally deleted or modified a file she would have access to recent versions in a very intuitive interface.

It is vitally important to consider the value of your peace of mind when looking at the cost of your new machine.  How much is your aggravation worth?

Jamie Oliver – The Naked Chef – probably never intended his tongue-in-cheek title to foreshadow the use of his website to distribute malware the way porn sites are notorious for doing.

You might remember the post earlier in the month when I warned you that his website was infected with malware.  Well, less than a month later, the bad guys have reinfected his site, this time with a better grade of malware.  The arms race is real, and you must be vigilant.

Malwarebytes Blog

In the OOOPS department:

Panda Software – the makers of Panda Antivirus – released a definitions update that flagged Panda’s own files as malware and quarantined them, leaving some users unable to start their machines.  Panda released a corrected definitions file immediately, but users have been warned that the problem might recur.

from ZDNet

Kaspersky Labs – the company that announces every year that 20xx is “The Year of the Mac Virus” (xx = 03 through 15 so far) – has released a study of a piece of malware it recently uncovered that is groundbreaking in many ways.  It is ALMOST undetectable, because it hides in the firmware of the hard drive itself, and the group behind it has been infecting machines for over 14 years.

If you like reading an analysis that reads more like a spy novel, the actual report is here.  A more accessible article was posted to Ars Technica on Feb 16, 2015.

“The discovery of the Equation Group is significant because this omnipotent cyber espionage entity managed to stay under the radar for almost 15 years, if not more,” Raiu said. “Their incredible skills and high tech abilities, such as infecting hard drive firmware on a dozen different brands, are unique across all the actors we have seen and second to none. As we discover more and more advanced threat actors, we understand just how little we know. It also makes us reflect about how many other things remain hidden or unknown.”

Kaspersky also claims that iOS and OS X systems have been infected:

Redirects that sent iPhone users to unique exploit Web pages. In addition, infected machines reporting to Equation Group command servers identified themselves as Macs, an indication that the group successfully compromised both iOS and OS X devices.

It will be interesting to see if this discovery of Kaspersky Labs turns out to be something more than the active imagination of a FUD dealing protection peddler.

Microsoft Windows users:

Yesterday was Patch Tuesday, so you probably have a notification that updates are waiting.  Please do yourself a favor and apply the updates as soon as possible.  This time Microsoft patched a problem that has been known for over 13 months.

Why is it important to apply updates immediately?

The patches that are released fix flaws inside Windows itself, and only Microsoft can fix those.  Your antivirus may recognize a particular piece of malware that abuses one of these flaws, but it cannot close the hole; until the patch is applied, anything that exploits the flaw in a new way will walk right past it.

Trend Micro has identified a new Flash ZeroDay exploit.

ZeroDay? Whatchootalkinaboutwillis?

A ZeroDay Exploit is an attack that uses a newly discovered bug in an application like Adobe Flash before the vendor has released a patch that fixes or mitigates it, so there is nothing for you to install yet.  This means “YOU ARE AT HIGH RISK OF BEING COMPROMISED”.  This one is a real problem, because the attack vector relies on malicious ads served on otherwise trusted sites: you do not have to visit a shady site to be hit, only a site that runs ads.

What can you do?

Install the latest patch as soon as Adobe releases it.  Until then, limit your web browsing, and don’t think you are impervious to exploit.  Setting your browser to “click to play” for the Flash plugin (or disabling the plugin entirely) keeps a booby-trapped ad from running Flash content without your say-so, which is exactly the path this exploit uses.

You can read more about the exploit here on Trend Micro’s blog.