Viruses/Worms News

Green Dam web filter still vulnerable to exploits

Friday, June 26, 2009

Green Dam Youth Escort, the web filtering software China is requiring PC-makers to preinstall on all new machines sold in the country starting July 1, is still vulnerable to exploits that web security experts warn could lead to the creation of a botnet for spreading malware.

China's government insists that the software is necessary for blocking access to pornographic content, but researchers using the software said it also blocks political content and tracks online activity.
Earlier this month, security researchers from the University of Michigan identified two security flaws that could have allowed remote parties to execute arbitrary code and take control of the computer, which the software maker has since patched.

But the researchers said last week they had discovered another security hole on the latest version which a maliciously-crafted website could exploit to take control of the computer. It took them only an hour to find the bug, they said.

The researchers wrote that making Green Dam safe from exploits will require substantial changes and careful retesting.

"It is unlikely that the required changes can be completed … before China's July 1 deadline for mandatory distribution of Green Dam with new PCs," they wrote.

Another security researcher has posted attack code to the Milw0rm website, which has been circulating in the wild for a week, according to CNET News.
ADNFCR-1765-ID-19239263-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now