Vulnerabilities / Threats
1/31/2008
12:37 PM
50%
50%

Malware for Windows Is Widespread

BitDefender Lab's top 10 malware list for January reveals domination of malware exploiting Microsoft Windows Graphics

BUCHAREST, Romania –– BitDefender®, a global provider of award-winning antivirus software and data security solutions, announced today that malware exploiting Microsoft Windows graphics dominated the BitDefender Top 10 Malware List for January 2008. According to BitDefender Labs, the malware exploiting Microsoft Windows graphics rendering an engine vulnerability detailed in MS06-001, which was patched post-SP2.

"It is probable that a large number of unpatched copies of Windows exist in the wild, mostly pirated ones which don't download patches to avoid dealing with activation, hence the continued 'popularity' of this exploit among virus writers," said Sorin Dudea, head of BitDefender AV Research.

BitDefender

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0999
Published: 2015-06-02
Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Referrer HTTP header.

CVE-2014-8391
Published: 2015-06-02
The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of request.

CVE-2015-0759
Published: 2015-06-02
Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users.

CVE-2015-0850
Published: 2015-06-02
The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.

CVE-2015-1945
Published: 2015-06-02
Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors.

Dark Reading Radio
Archived Dark Reading Radio
From Target to Sony to Anthem, they are happening all around you: the “big” data breaches that compromise critical data and threaten the welfare of the corporate brand. Is your organization ready to respond?