Non executables files used to be safe to open and only executables files could be dangerous. Those days are long gone and office documents have become sources of virus infections. But which ones are the most dangerous?
The document I analyzed contains other malformed fields that don’t seem to be related to the bug, so we suspect this document was the result of several experiments of fuzzing techniques. Fuzzing file formats and client applications to find new bugs is an activity that still keeps many security researchers busy, but also many malicious-minded hackers. For readers interested in vulnerabilities and targeted attacks, I suggest that you have a look at this Symantec paper. Attackers are always looking for new bugs, because often a simple crash can be transformed into a zero-day weapon used against companies and organizations.
The following chart has been created by analyzing the number of malicious Trojans exploiting file formats in the last year. Word (.doc) seems to still be the preferred attack vector, but recently we observed some other vectors emerging, such as .xls, .pdf, and also Ichitaro documents (.jtd), which are popular in Japan. Once again, our advice is to be extremely careful when opening any type of email attachment, even when they arrive with a file format considered “safe” and non-executable.
Full article from Symantec.Related articles:
Security4all Blog
Twitter
Slideshare
Facebook
Digg
Flickr
0 comments:
Post a Comment