Akonix Security Center Identifies First WMF File Vulnerability Spreading Over Instant Messaging; Working with Major IM Network to Protect against Medium-Level Threat.SAN DIEGO San Diego (săn dēā`gō), city (1990 pop. 1,110,549), seat of San Diego co., S Calif., on San Diego Bay; inc. 1850. San Diego includes the unincorporated communities of La Jolla and Spring Valley. Coronado is across the bay. -- Akonix Systems, Inc. today identified a new instant messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or (IM) worm named IM-Worm.Win32.Kelvir.WMF (filename extension) wmf - The filename extension for a Windows Metafile. .A, which takes advantage of a leading IM network to spread the newly discovered Windows Meta File (WMF) vulnerability on users' PCs. The Akonix Security Center classified the worm as medium risk and is working with its IM network partner to immediately protect customers against this threat. DESCRIPTION: The IM-Worm.Win32.Kelvir.WMF.A spreads over a leading IM network using the link http://(snip)/xmas-2006 FUNNY.jpg. This jpg is actually an HTML HTML in full HyperText Markup Language Markup language derived from SGML that is used to prepare hypertext documents. Relatively easy for nonprogrammers to master, HTML is the language used for documents on the World Wide Web. page that contains a WMF file See Windows Metafile. , taking advantage of a security vulnerability first identified on December 27. Opening the above link in a browser will infect users' computers by downloading an SDBot that is instructed to download the IM-Worm.Win32.Kelvir.WMF.A virus. In turn, this attempts to re-propagate the worm by using an IM buddy list A list of colleagues, workgroup members, friends, etc., that you might wish to communicate with via instant messaging. See instant messaging. . Since the discovery of the WMF vulnerability one week ago, this is the first time it is being exploited as an IM-based threat. A patch for the WMF security hole is not expected to be issued until Tuesday, January 10. Instant messaging is the easiest way for hackers to take advantage of this security breach because users simply need to click a link in an IM conversation to get directed to a Web site infecting their machines. Anti-virus software anti-virus software n → Antivirensoftware f will not likely protect against the worm, so enterprises are advised to warn employees of this potential IM security risk. To learn more about the IM-Worm.Win32.Kelvir.WMF.A worm, please visit the Akonix Security Center at www.imsecuritycenter.com. PREVENTION: For Akonix L7 Enterprise customers, systems are automatically configured to download and install the latest updates to the Akonix SPIM (SPam Instant Messaging) Unsolicited advertising appearing in instant messages. SPIM is even more annoying than spam. Unlike e-mail ads, which can often be relegated to a junk folder in the user's e-mail program, a SPIM ad pops up on screen whenever it is sent. & Malware Filter, and no IT intervention is required. Akonix L7 Enterprise is the industry's only IM security system that combines dynamically updated IM security policies and integrated anti-virus scanning to provide the most comprehensive protection for corporate networks from IM-based attacks. Other organizations should ensure all desktop computers are updated with the latest security patches A fix to a program that eliminates a vulnerability exploited by malicious hackers. See vulnerability and patch. , and that all public IM use is securely managed. ADDITIONAL INFORMATION: Akonix Security Center experts are available to comment on the IM-Worm.Win32.Kelvir.WMF.A worm and other real-time security risks. Representatives are able to discuss the rise in IM threats during 2005, based on the increased use of IM for business critical communications. Akonix recently released its Q4 2005 IM Threat Watch report, which reports that the Akonix Security Center in 2005 issued a total of 233 SPIM and malware filter updates, compared to only eight in 2004, an increase of approximately 2,800%. To receive a copy of the report, please email akonix@lewispr.com. For more information about the Akonix Security Center, or to sign up for IM security alerts, please visit www.imsecuritycenter.com. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion