Home News Multiple Vulnerabilities Threa ...

News by WebKnowHow


Multiple Vulnerabilities Threaten Last Minute Christmas Shoppers

 

WebKnowHow
Friday, December 22, 2006; 07:03 AM

There has recently been a considerable increase in online transactions due to Christmas shopping. The security of these transactions could be seriously compromised due to multiple vulnerabilities affecting computer systems. Several flaws have just been identified in some Microsoft applications: two of them affecting Microsoft Word, and the other affecting Windows Media Player. These vulnerabilities could allow malicious programs or attackers to obtain confidential information, bank details, and account numbers of affected users.

"Since there are no patches currently available for these vulnerabilities, they represent an easy channel to carry out computer attacks. It is therefore necessary to combine traditional security solutions with proactive technologies capable of detecting unknown threats," said Luis Corrons, director of PandaLabs.

Users of Panda solutions have extra protection against these vulnerabilities due to its TruPrevent Technologies(TM). These technologies protect against all types of malicious attacks, whether they have been previously catalogued or not.

However, users should not only be concerned about software vulnerabilities this Christmas. As Christmas is closely approaching and last minute shopping is at its peak, the amount of spam in circulation doubles. Much of this junk mail includes links to fake online shopping or banking web pages, asking users for confidential data, a practice known as phishing. Another malicious practice widely used during the holiday season involves offering users free Christmas cards that they can download from a certain link. If the user clicks on the link, they will actually be downloading malicious code to their computers.

Malware creators are now primarily motivated by the lure of financial gain. By using vulnerabilities like those already mentioned to install Trojans on users' computers, or launching phishing e-mails to trick unwitting online shoppers, attackers can compromise the confidentiality of online transactions, Internet purchases, or visits to banking sites.

The Christmas season has always witnessed an increase in attacks. The MerryX.A Trojan, which hit the Internet in December 2005, arrived in a message with the subject "Merry Christmas!", and hid behind a Santa Claus animation with Christmas music. A year before, the Zafi.D worm caused an Orange Alert as it tried to pass itself off as a Christmas card in several languages. Also in 2004, PandaLabs detected three variants of the Atak worm included in e-mails with Christmas greetings. Panda Software had detected Maldal.C, which was launched in 2003, and like MerryX.A, used a Santa Claus Christmas card to infiltrate systems.

You can try the Panda Software solutions free of charge at http://www.pandasoftware.com/download

About Panda Software, USA

Panda Software (www.pandasoftware.com) is a world-class developer and provider of integrated security solutions designed to neutralize viruses, hackers, Trojans, spyware, phishing, spam, and other pervasive Internet threats. With Panda Software's revolutionary TruPrevent(TM) Technologies, the company's innovative products are on the leading-edge of intelligent security solutions, ensuring clients are protected even against new threats that have yet to be identified. PandaLabs, the most rapid responsive laboratory in the industry, delivers comprehensive updates to users, providing a worldwide response to malware 24 hours a day, 7 days a week, all year round.

 

Advertisement

Partners

Related Resources

Other Resources