“Here you have” it… Yet-Another-Adobe-Exploit and why we need accuracy!


I have been away for a much needed holiday, spending quality time with my in-laws.  Apart from the typical gastronomical splurging (what else – Swiss chocolates, Swiss Cheese, etc.), holidays are a good time to reflect. 

Trains and Europe go hand in hand and while waiting for my train at Zurich HB Station, I noticed how simple, elegant and impeccably accurate all the stations’ clocks were.  Later that night, I read all about this timeless clock.  Designed by Hans Hilfiker in the 40s, this simple, elegant and impeccably accurate design is timeless and goes to prove that most problems require just that – simple, elegant, yet impeccably accurate solutions. 

Thinking of our industry – providing security to computer networks and end-devices, I am not sure we are at that stage yet.  Here is why:   

The Ponemon Institute reports that (See bar chart 3 of the report) enterprises, on average, have 3.7 software agents installed on each endpoint to perform management, security and other operations. In addition, these enterprises have, on average, 3.9 different or distinct software management consoles for endpoint operations and security.  Yet, (See bar chart 17 of the report), more than 88% of these enterprises reported that virus or malware network intrusions were the most frequently encountered incidents experienced in 2008/2009!  

Ponemon reports that enterprises have 3.7 software agents installed on each endpoint to perform management, security and other operations, yet 88% of these enterprises reported that virus or malware network intrusions were the most frequently encountered incidents.  

And further, the daily headlines continue to prove that we need to change our approach.  The latest, Yet-Another-Adobe-Exploit (YAAE!), utilizes an old-school download and run approach – VBMania worm.  The worm propagates itself by sending you an e-mail with the title “Here you have” as shown:  

"Here you have" VBMania Worm Infected Message

Although the document has since been removed, which in effect killed this worm, this simple PDF exploit goes to prove one thing: with all the complex endpoint solutions and UTMs that we have installed out there, we still need simple, elegant, yet accurate security solutions.  In follow-up blogs, I will elaborate further on what this entails.

About Wedge Chief Scientist

Husam Kinawi, Chief Scientist

Dr. Kinawi has a PhD and MSc in Computer Science from the Universities of Calgary, Canada and London, UK. In 1997, he co-founded Mpower Technologies Inc., a wireless telecommunications software company. In 1999, Dr. Kinawi co-founded ActiveIq.com (NASDAQ: AIQT), a Boston-based e-Business applications firm. Dr. Kinawi has over seventeen years of research and development experience working with industry leaders such as Newbridge (Alcatel), Siemens, United Technologies, and Apple in the areas of distributed information systems, embedded applications and wireless Internet solutions. Dr. Kinawi has also spoken at several major conferences, published several research papers, and is the holder of several patents in the area of mobile and wireless devices.

2 Responses to “Here you have” it… Yet-Another-Adobe-Exploit and why we need accuracy!

  1. Margarett Chatten says:

    Hey, very interesting post, it really got me thinking. Thank you.

  2. B L Bank says:

    Thank you for keeping us updated. I quite appreciate it and find all of the facts really useful.
