Story image

Trend Micro urges partner action

03 Feb 15

Trend Micro is urging resellers to take a proactive role in advising customers of a zero-day vulnerability under attack affecting Adobe Flash Player.

The zero-day exploit has been confirmed by Adobe and is currently unpatched. Trend Micro says the vulnerability puts more than one billion connected desktops with the current version of Adobe Flash at risk.

“This zero-day exploit in Adobe Flash has been identified in the US, but we recommend that the New Zealand channel works with their customers to protect against the vulnerability,” says Robin Marjason, Trend Micro ANZ channel and distribution manager.

“Trend Micro’s primary recommendation to users when vulnerabilities such as this one is discovered is to apply a vendor-issued patch as soon as possible; however, Adobe has not yet released an official patch or fix for this issue [yet],” Marjason says.

“We recommend users disable or block affected versions of Flash Player until a fixed version is released, and we are closely working with Adobe to ensure a patch will be available this week to address this vulnerability.”

The vulnerability is similar to one last week which affected Adobe’s Flash product on Microsoft Windows.

“Just like that situation, the attacks are being carried out through compromised online advertisements, a technique sometimes called malvertising,” said Christopher Budd, Trend Micro’s global threat communications manager.

Today’s attack dates back to at least January 14, 2015, with increased activity beginning January 27.

“We’ve seen 3,294 hits of a known, compromised site. These latest attacks appear so far to be primarily affecting users in the United States,” says Budd.
 
Trend Micro suggests the following for customers and channel partners wishing to mitigate the problem:
 1.       The Browser Exploit Prevention (BEP) feature in Trend Micro Endpoint solutions blocks the exploit upon accessing the URL it is hosted in. BEP also protects against exploits that target browsers or related plugins.
 2.       Trend Micro Deep Security, Vulnerability Protection (formerly the IDF plug-in for OfficeScan), and Deep Discovery customers with the latest rules also have an additional layer of protection against this vulnerability. Specifically, Trend Micro will be releasing the following rules and patterns for proactive protection:
·       Deep Security rule DSRU15-004;
·       Deep Packet Inspection (DPI) rule 1006468 for Deep Security and Vulnerability Protection (formerly the IDF plug-in for OfficeScan) customers; and
·       The existing Sandbox and Script Analyzer engine that is part of Deep Discovery can also be used to detect this threat, without any engine or pattern update.
 3.       Administrators looking to block Flash can specifically block the affected versions from running or even lockdown their endpoints to only run specific applications and their updates with Trend Micro Endpoint Application Control.  This lockdown policy therefore blocks all unwanted applications (e.g. any malware from executing on the endpoint).

McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Review: Blue Mic’s Satellite headphones are good but...
Blue Mic’s newest wireless headphones deliver on sound, aesthetic, and comfort - but there is a more insidious issue at hand.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Forcepoint and Chillisoft - “a powerful combination”
Following Chillisoft’s portfolio expansion by signing on Forcepoint, the companies’ execs explain how this is a match made in cybersecurity heaven.
David Hickling in memoriam: “Celebrate the life and the music it made”
Dave was a well-respected presence in the IT channel and his recent death was felt by all the many people who knew him as a colleague and a friend.
Jade Software & Ambit take chatbots to next level of AI
“Conversation Agents present a huge opportunity to increase customer and employee engagement in a cost-effective manner."
IDC: Smartphone shipments ready to stabilise in 2019
IDC expects year-over-year shipment growth of 2.6% in 2019, while the world's largest market is still forecast to be down 8.8% in 2018.