Document Shell Code Attacks Loom Large

    Date04 May 2007
    Posted ByBill Keys
    Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division.

    Experts working with the ISS X-Force group said that they've seen a rapid increase in the volume and variety of shell-code execution attacks leveled at their customers over the last 12 months.

    Among the types of files most frequently assailed in the attacks are the most common types of documents passed around many organizations today, including Microsoft Word, Excel and PowerPoint formats, as well as Adobe PDF files.

    Many times, the infected documents are being distributed inside specific organizations by hackers who disguise the threats as legitimate files being disseminated within a business via e-mail. Unlike many Web-based threats, the seemingly-innocuous documents typically give no warning that they actually carry malware code.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.