If I get what you're saying Timo--and please correct me if I'm wrong--
you are saying that most of the risk now is people downloading things
they first see when Googling, and they get zapped by some extra treat
in the software they just got.

I don't believe that.  I think that Adobe's horrors (the three fates of
Windows!), Acrobat, Flash and Shockwave represent an amazing
amount of the exploits out there.  Flash especially is a great vehicle
for handing out exploits.

Yes, some people wander around the net and say "Ohh! That's neat!"
and download some crawling horror, but I think that the more main-
stream exploit is to take advantage of something dealing with the
web.

--STeve Andre'
 
On 09/23/10 14:18, Vasquez, Timo wrote:

You know Firmin,

Most of the risk has been shifted to the source people are downloading from.  So many people would rather Google a product and grab from the first page of results. So the majority of the issue is repackaged products with additional *ware in them.  This is very hard to find because most actions that are being executed are not going to set off a lot of the antivirus products with medium to low heuristics.

 

You know I am curious as to a good antivirus that can run on Linux without having to be installed whenever there is a new kernel update.  So good luck to you and your quest old friend.

 

Timoteo "Timo" Vasquez; MCTS, MCP
Client Services - Network Security Team
[log in to unmask] - 517.884-3082
Administrative Information Services
2 Administration Bldg
East Lansing, MI 48832
"...I agree with you!"

 

From: Charlot, Firmin [mailto:[log in to unmask]]
Sent: Wednesday, September 22, 2010 3:15 PM
To: [log in to unmask]
Subject: [MSUNAG] Re-evaluating tools for patching workstations/servers and 3rd party apps

 

As you know, the vectors of attacks have been shifting for some time now towards 3rd party apps like Adobe, Flash and others.

Do you know of any tools that can centrally scan for vulnerabilities and centrally remediate 3rd party apps, Windows & Linux Operating Systems? 

If you have a favorite that you would like to share, that would be great.

Thanks.

 

Firmin Charlot, ITIL, MCSE, A+, Information Systems Manager

Michigan State University - Student Services

Educational and Support Services   162 Student Services Building   East Lansing, MI 48824
[log in to unmask]  (517) 432-7541
Submit technical requests at
https://help.ess.msu.edu/