New Microsoft Word vulnerability

Technet link – specific wording:

The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

——————————————————————————————–

So if a malicious RTF(Rich Text Formatting file is opened inside Microsoft Word it will allow the attacker to run commands that normally cannot be run.

So it is possible we have yet to see the full effects on this vulnerability., as viruses and other attacks are being crafted(very likely).

The Microsoft ‘fix’ initially is to not allow RTF files to be opened.

Applying the Microsoft Fix it solution, “Disable opening RTF content in Microsoft Word,” prevents the exploitation of this issue through Microsoft Word. 

“This is not a fix, just a kludge” says TonyZ  – as people will open these files not knowing what will happen.

Sample report

we have placed a sample evaluation on our fixvirus.com site (the alpha-A scan)

Here we have scanned a server and found it had a few services turned on that should not have been. (Telnet and ftp should be replaced with a secure version, such as ssh and scp)

The web services need to be tested further for potential application vulnerabilities (with the Sigma-∑ scan)

Port 20000, and 2222 are not typical ports used by legitimate applications, in fact 2222 has been known to be a BackDoor trojan: Speedguide.net has some information.  This machine has to be investigated for malicious software.

This is the reason for the Alpha scan – so that unknown ports running on your machines will be uncovered.

WordPress weaknesses requires vigilence

As Forbes article discusses:

wordpressbullets

Update your plugins and widgets when they are vulnerable, use complex passwords, and otherwise use good security methodologies.

It is the basics that people are not doing. What is easy to use makes it less secure, thus requiring more effort by the user or administrator to make sure it is secure and safe.

I know this is an old attack (from April 13th, 2013) but the basic principles apply, as security methods never go out of style, and old attacks come around again and again.

Contact Us to discuss.

WordPress DDOS potential overplayed?

That is what Jason Cohen (CTO of WP engine) is saying at blogs.csoonline.com

He also said: (what the pingback function does, calling it “an altruistic, friendly, social system.”)

What can happen is a lot of pingbacks with the links in the comments.  If done  on many pages with a lot of effort it can happen. I recommend everyone use moderated comments to prevent automated bots if you must turn on pingbacks.

And remember – you can always turn off pingbacks.  In Settings–> Discussion Settings

we have no pingbacks in our WordPress sites.