[ISN] Software Updates Vulnerable To Hijacking

From: InfoSec News <alerts_at_private>
Date: Wed, 5 Aug 2009 04:34:03 -0500 (CDT)
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=219000172

By Thomas Claburn
InformationWeek
August 4, 2009

The security risks posed by the use of public Wi-Fi networks have been 
known for years, but even cautious computer users may be vulnerable to 
attack when connected to public Wi-Fi networks as a result of the 
widespread insecurity of automated software updates.

In a recent presentation at the DEFCON security conference in Las Vegas, 
Radware security researchers Itzik Kotler and Tomer Bitton revealed that 
hundreds of popular applications are vulnerable to a man-in-the-middle 
attack because they rely on a flawed software update process.

To demonstrate the flaw, Kotler and Bitton have released software called 
ippon-mitm that can hijack software update sessions and answer update 
queries by returning malware to the requesting computer. Often, a user 
will be unaware that an update query has been sent and intercepted and 
may continue to enter sensitive information into the compromised 
computer.
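The attack above works because the client trusts whatever answers its update query. The following Go program is an added example written for this page; it is not code from the article, from Radware, or from ippon-mitm. It puts the flawed pattern (install whatever bytes come back) beside a hardened client that pins the vendor's public key and checks an Ed25519-signed manifest plus the payload digest, then simulates an on-path attacker substituting the payload and re-signing a manifest. The manifest layout, the Ed25519 choice, the seeds and all sample payloads are constructed assumptions for the demo, not any vendor's real format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Manifest is a hypothetical signed update descriptor. The fields and their
// canonical encoding are assumptions for this example, not a vendor format.
type Manifest struct {
	Version   string
	SHA256    string // hex SHA-256 of the update payload
	Signature []byte // Ed25519 signature over manifestBody()
}

// manifestBody is the canonical byte string the vendor signs and the client
// verifies: everything in the manifest except the signature itself.
func manifestBody(m Manifest) []byte {
	return []byte("version=" + m.Version + "\nsha256=" + m.SHA256 + "\n")
}

// signManifest models the vendor's offline release step.
func signManifest(priv ed25519.PrivateKey, version string, payload []byte) Manifest {
	sum := sha256.Sum256(payload)
	m := Manifest{Version: version, SHA256: hex.EncodeToString(sum[:])}
	m.Signature = ed25519.Sign(priv, manifestBody(m))
	return m
}

// insecureUpdate models the flawed pattern the talk describes: the client
// asks "is there an update?" over plain HTTP and installs whatever bytes
// come back. Anyone on the path of a public Wi-Fi hotspot can answer.
func insecureUpdate(fromNetwork []byte) []byte {
	return fromNetwork // would be written to disk and executed as-is
}

// verifyUpdate is the hardened client side. The vendor public key is pinned
// in the installed binary, so a substituted manifest or payload fails even
// when the attacker controls every byte on the wire.
func verifyUpdate(pinned ed25519.PublicKey, m Manifest, payload []byte) ([]byte, error) {
	if !ed25519.Verify(pinned, manifestBody(m), m.Signature) {
		return nil, errors.New("manifest signature invalid: refusing update")
	}
	sum := sha256.Sum256(payload)
	if hex.EncodeToString(sum[:]) != m.SHA256 {
		return nil, errors.New("payload digest mismatch: refusing update")
	}
	return payload, nil
}

// Result summarises one simulated update session.
type Result struct {
	InsecureInstalledMalware bool // flawed client ran the attacker's bytes
	GenuineAccepted          bool // hardened client accepted the real update
	SwappedPayloadRejected   bool // hardened client caught payload substitution
	ForgedManifestRejected   bool // hardened client caught a re-signed manifest
}

// simulate runs the scenario on constructed data: deterministic keys derived
// from fixed seeds, a constructed "real" update and a constructed malware blob.
func simulate() Result {
	vendorSeed := sha256.Sum256([]byte("vendor seed, example only"))
	attackerSeed := sha256.Sum256([]byte("attacker seed, example only"))
	vendorPriv := ed25519.NewKeyFromSeed(vendorSeed[:])
	attackerPriv := ed25519.NewKeyFromSeed(attackerSeed[:])
	pinned := vendorPriv.Public().(ed25519.PublicKey)

	genuine := []byte("constructed sample: genuine update installer")
	malware := []byte("constructed sample: attacker-controlled installer")
	manifest := signManifest(vendorPriv, "2.1.0", genuine)

	var r Result

	// 1. Flawed client: the MITM answers the update query with malware.
	r.InsecureInstalledMalware = string(insecureUpdate(malware)) == string(malware)

	// 2. Hardened client on an honest network.
	_, err := verifyUpdate(pinned, manifest, genuine)
	r.GenuineAccepted = err == nil

	// 3. Hardened client, MITM swaps only the payload: the digest check fails.
	_, err = verifyUpdate(pinned, manifest, malware)
	r.SwappedPayloadRejected = err != nil

	// 4. Hardened client, MITM re-signs a manifest for the malware with its own
	//    key: the signature does not verify against the pinned vendor key.
	forged := signManifest(attackerPriv, "2.1.0", malware)
	_, err = verifyUpdate(pinned, forged, malware)
	r.ForgedManifestRejected = err != nil

	return r
}

func main() {
	fmt.Printf("%+v\n", simulate())
}
```

The signature check is the piece that survives a hostile hotspot; TLS on the update channel helps but, as the talk's target list shows, was frequently absent in 2009, and a pinned signing key still protects a client whose TLS trust store has been tampered with. A production verifier would additionally refuse manifests whose Version is lower than the installed one (downgrade attacks) and plan for rotating the pinned key.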

The researchers said that the update mechanisms in Alcohol 120, Adobe 
(NSDQ: ADBE) PDF Reader, GOM Player, Hex Workshop, iMesh, and Skype, 
among other applications, were vulnerable.

Kotler declined to name the rest of the vulnerable applications, saying 
that his company has been in contact with the appropriate vendors to 
inform them about the problem. A company spokesperson was not 
immediately available to clarify whether any of the vulnerable 
applications have been patched since the DEFCON presentation.

[...]


__________________________
Subscribe to InfoSec News
http://www.infosecnews.org 
Received on Wed Aug 05 2009 - 02:34:03 PDT

This archive was generated by hypermail 2.2.0 : Wed Aug 05 2009 - 02:49:49 PDT