1Q Security Roundup: Zero-Days Dominate
Looking back at the first quarter of the year, the highlight – or, perhaps more appropriately, lowlight – was clear. Popular software packages like Reader/Acrobat, Flash, and Java all had to deal with multiple zero-day exploits in the month – exploits that became widely available in underground circles long before any patches were made available by the vendors.
Having one high-profile incident like that in a quarter is significant in and of itself, but having several that affect different applications is even more unusual. Users were put at increased risk of downloading malicious files – without having done anything wrong – multiple times in the quarter. In the absence of an official patch from vendors, home users didn’t have an effective way to protect themselves. Such was the scale of the problem that the US Department of Homeland Security urged users to remove Java if they didn’t need it.
These exploits were soon incorporated into exploit kits, which became something of a growth industry in the quarter. In addition to the familiar Blackhole Exploit Kit, we saw new ones like Whitehole and Cool emerge.
The spectre of destructive attacks (as we outlined in our 2013 predictions) was raised, too, when a large-scale attack took many computers in South Korea offline by deleting their Master Boot Record (MBR), rendering them unable to boot. The identity of those responsible for these attacks remains unclear.
For full details about these and other threats encountered in the first quarter of 2013, you may consult our just-published 1Q Security Roundup.