Operating Systems and File Format Vulnerabilities

File format vulnerabilities are a fairly new type of security threat for PC operating systems. The vulnerability can be present across platforms in programs such as Adobe Acrobat, as well as other operating system programs. Hackers have created malware that focuses on file format vulnerabilities in these programs that attack the Windows environment as well as Macintosh and Linux operating systems.

There has been an increase of new patches to repair the vulnerability in file formats followed by a steady stream of constant updates. The vulnerability is exploited by a single file containing malware that is capable of reading the contents of the local file system. For example, if there is a file format vulnerability in Adobe Acrobat, the hacker simply creates a PDF file which exploits the vulnerability and is also capable of taking over the PC's operating system.

How to Prevent File Format Vulnerabilities

  • Patch Management: Take the time to use patch applications on a regular basis to repair the vulnerability. Although this involves a little time investment, you stand a better chance of protecting your information and your PCs operating system. The process can be rather involved due to the fact that the patching process is often different for each application. For example, applications such as Adobe have their own application updates while Microsoft has an updating process for applications associated with its operating system. Other applications may not have an update procedure so you will have to perform it manually.
  • Use Less Software: If you reduce the amount of software that you have installed, there is less chance of a file format vulnerability. Also, you will not have to keep up with all of the updated patches that come out for newly discovered vulnerabilities.
  • Keep Up With Security Issues: Many times a file format vulnerability will be discovered before a patch is developed to repair the vulnerability. Make sure you stay current with security announcements in an effort to discover the vulnerability before a hacker does.
  • Monitor Configurations: Monitor the configuration on a regular basis to ensure that there are no vulnerabilities where hackers can install malware, change configuration settings, and exploit applications security.

The reason the hackers are turning to file format vulnerabilities is due to operating system upgrades that are a result of past exploits. The upgrades are making it more difficult for hackers to find a vulnerability so they are using file format vulnerabilities as an alternative method of hacking into a system.

In addition to taking note of these steps to protect against file format vulnerabilities, you should make it a point to become familiar with the updating processes of your operating systems and applications since exploits can take place across the platform of all applications and the operating system. You can also stay current with patches by accessing the Microsoft Security Bulletin that is located on the Microsoft website.

(0 Comments)
Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Spyware has many ways of getting onto your computer, such as:

When you download programs - particularly freeware, or peer-to-peer sharing programs.

More covertly, spyware can install itself just by you visiting certain sites, by prompting you to download an application to see the site properly.

ActiveX controls. These pesky spyware makers will prompt you to install themselves while using your Internet browser