Researcher says Patch Tuesday fix should have been made earlier Security researcher Kafeine says one of this week's Microsoft patches addresses a vulnerability it knew of since last year, and may only have pulled the patching trigger after a spate of banking trojan attacks. The attacks utilised the low-level flaw (CVE-2016-3351) for cloaking purposes among an arsenal of exploits. The …
It has been a while since I was told this, so perhaps things have changed. My understanding is that Microsoft rates the severity of flaws and creates patches for them based on their risk and not the risk to their customers. Such an approach might be used to explain behavior of this sort given that any patch has risk associated with it and this particular flaw wasn't causing that much trouble in the wild, at least not to MS directly.
FTA: "The bank trojans were being dropped until Kafeine and fellow researchers reported the attacks to advertising networks whose infrastructure was being abused."
So the Ad networks were quite happily dishing out copies of the trojan software all over the place until they were notified by security researchers. Even a small amount of cursory scanning of files distributed over their Ad networks would have detected the booby trapped files. Oh, wait, that would have cost money. At the risk of generalising, I imagine that people who don't run Ad blockers are probably those least able to rectify all the problems introduced by such trojans.
And these Ad networks still don't get why we use ad blockers?!
Pandering to lazy IT personnel by supplying once-a-month security updates is NOT sane. End it. Tough if the lazy IT personnel don't like it. THEY can decide to let the updates pile up until the second Tuesday of the month, if they so choose/dare. Meanwhile, those of us who live in the real world require ASAP. It minimizes the infection period AND it keeps the malware rats on their toes as well. ASAP is the ideal.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
