Why is a 14-month-old patched Microsoft vulnerability still being exploited?

Hungry Man · Feb 8, 2012

Why is a 14-month-old patched Microsoft vulnerability still being exploited?

http://nakedsecurity.sophos.com/201...icrosoft-vulnerability-still-being-exploited/

The media - and indeed many parts of the security industry - just looove zero-day exploits. They are exciting to report, to research, to block...but interestingly, SophosLabs sees much more malware exploiting patched vulnerabilities.

I know - it's a bit weird. Why would malware authors bother to target a vulnerability for which a patch is already available for download...for free? Surely, it would be a lost cause, a dud, a lemon, a non-starter.

Alas, many people - and companies - don't get around to patching. And I just don't get why. If i cut myself, i put a plaster on it so I don't bleed all over the place. A no-brainer. Isn't patching security vulnerabilities in the same boat?
Click to expand...

xxJackxx · Feb 8, 2012

Couldn't tell you. I keep all of the machines I am responsible for very up date.

m00nbl00d · Feb 8, 2012

There are lots and lots of pirated Windows machines. Maybe lots and lots of people fear that an update will kill those versions, and they don't know which ones and therefore will disable Windows update altogether. That simple, not science involved.

Rmus · Feb 8, 2012

Hungry Man said:

Why is a 14-month-old patched Microsoft vulnerability still being exploited?
Click to expand...

Why is an almost 6-year-old patched Microsoft vulnerability still being exploited??!!

Exploit in the wild for MS06-014 – a five year old vulnerability
Thursday, January 20, 2011
http://research.zscaler.com/2011/01/exploit-in-wild-for-ms06-014-five-year.html

Although 0day vulnerabilities receive all the attention, it’s not unusual to see attackers still taking advantage of old vulnerabilities to attack end users. Here's such an example where the vulnerability used was MS06-014 – a five year old vulnerability!.
Click to expand...

An Overview of Exploit Packs (Update 15) January 28, 2012
http://contagiodump.blogspot.com/2010/06/overview-of-exploit-packs-update.html

Hierarchy Exploit Pack
=================
CVE-2006-0003 [IE6 MDAC] (MS:MS06-014 URL: http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx )
Click to expand...

Black Hole Exploits Kit
http://malwareint.blogspot.com/2011/08/black-hole-exploits-kit-110-inside.html

Exploits Full-On Demand

Black Hole Exploits Kit exploitation strategy focuses mainly based on Java and PDF, but always (like ALL Exploit Pack) without neglecting the classic MDAC.

CVE-2006-0003
Click to expand...

----
rich

TairikuOkami · Feb 9, 2012

Low budget for IT results in low security, it is as simple as that. For the managers buying PCs is the only expense necessary. Our IT guy is responsibile for the whole county, he is lucky, if he manages to keep them fixed. We have 1 person, who is responsibile for a software for the whole state. Cheap server with no backup crashes time to time, last time for a few houres so people in the whole state could not post packages, letters or pay bills. Post offices had to be closed for technical difficulties. Shall I continue?

Log in or Sign up

Why is a 14-month-old patched Microsoft vulnerability still being exploited?

Hungry Man Registered Member

xxJackxx Registered Member

m00nbl00d Registered Member

Rmus Exploit Analyst

TairikuOkami Registered Member

Log in or Sign up

Why is a 14-month-old patched Microsoft vulnerability still being exploited?

Hungry Man Registered Member

xxJackxx Registered Member

m00nbl00d Registered Member

Rmus Exploit Analyst

TairikuOkami Registered Member

Useful Searches