Cyber Vulnerabilities

INTRODUCTION
With cyber-attacks continuously on the rise, organizations, public and private, must address computer security vulnerabilities. SANS Institute has revealed “unpatched client-side software applications” as the top priority vulnerability for organizations globally. In conjunction with unpatched client software, vulnerable “Internet-facing web sites” can result in an organization's infrastructure being compromised. In this study I will address the issue of unpatched client software, the impact on an organization's infrastructure, and patch management as a vital mitigation solution. (http://www.sans.org)
BODY
CLIENT SIDE “UNPATCHED” SOFTWARE APPLICATIONS VULNERABILITIES
Newly released software inevitably has glitches or “bugs”.
Email is a trending tool for exploiting client-side vulnerabilities, and it is the usual vehicle for spear phishing. Spear phishing exploits client-side vulnerabilities by using deceptive impersonations of applications. The email may contain a link to a trusted website, where the victim discloses personal information. Typically, the ultimate goal of the attacker is to steal data from the targeted organization and also to install back-door access so the attacker can return for further exploitation. Do not open any junk mail, open email messages in plain text in preference to HTML or RTF, lower administrative rights while accessing web browsers, and do not open attachments until they have been properly scanned. (www.sans.org)
Office solutions software applications are used as an exploit tool for spear phishing attacks using email. When a user opens the malicious document, exploitation of vulnerabilities in the office software begins. An attacker hosts a malicious document on a web server or shared folder, and entices a user to browse to the web page or the shared folder. Note that, in most situations, Internet Explorer automatically opens Microsoft Office documents. Hence, browsing the malicious web page or folder is sufficient for vulnerability exploitation in many cases. (www.sans.org)
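The handling advice above (read mail as plain text, hold attachments until scanned) can be applied at a mail gateway or help desk. The following is an added example, not part of the original essay: the names `triage`, `LinkAudit`, `host` and `SAMPLE`, the extension list and the link-text heuristic are all assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed list of Office document extensions to hold until scanned.
OFFICE_EXT = (".doc", ".docx", ".docm", ".xls", ".xlsx", ".xlsm", ".ppt", ".pptx", ".rtf")

class LinkAudit(HTMLParser):
    """Collect (href, visible text) pairs from HTML without rendering it."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # reset the text buffer at each link
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(value):
    """Lower-cased host of a URL, or of link text that looks like one."""
    return (urlparse(value if "://" in value else "//" + value).hostname or "").lower()

def triage(raw_bytes):
    """Return the plain-text body, deceptive links and Office attachments to hold."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    plain = msg.get_body(preferencelist=("plain",))
    html = msg.get_body(preferencelist=("html",))
    audit = LinkAudit()
    if html is not None:
        audit.feed(html.get_content())
    # Flag links whose visible text names one host while the href goes to another.
    mismatched = [(text, href) for href, text in audit.links
                  if "." in text and " " not in text and host(text) != host(href)]
    held = [p.get_filename() for p in msg.iter_attachments()
            if (p.get_filename() or "").lower().endswith(OFFICE_EXT)]
    return {"text": plain.get_content() if plain is not None else "",
            "mismatched_links": mismatched, "hold_for_scan": held}

# Constructed sample message; all hosts and file names are made up.
SAMPLE = EmailMessage()
SAMPLE.set_content("Please review the attached form.\n")
SAMPLE.add_alternative('<p><a href="http://portal.example-other.test/login">portal.example.test</a> '
                       '<a href="https://example.test/help">example.test</a></p>', subtype="html")
SAMPLE.add_attachment(b"constructed bytes", maintype="application", subtype="msword", filename="form.doc")
```

Calling `triage(SAMPLE.as_bytes())` returns only the plain-text part for display, the one link whose label and destination disagree, and the Office attachment to hold for scanning.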
Navigating vulnerable unpatched client-side workstations through the Internet super highway can lead to computer security