Sunbelt Software: Threat Level Raised to High
August 2, 2010
Sunbelt Software, now part of the GFI Software family, has raised its
Worldwide Threat Level to "high" in light of unpatched vulnerabilities in
three widely-used applications or systems and the Defcon and Black Hat
conferences in Las Vegas this week. Sunbelt Software last raised the
Worldwide Threat Level in its flagship antivirus solution - VIPRE - to
"high" in July 2009.
Botnet exploits have been reported for a vulnerability (CVE-2010-2568)
in Microsoft Windows that allows an intruder to present a victim with a
specially crafted shortcut (LNK file) that could enable the execution of
arbitrary code with the privileges of the user. Also, with a certain
AutoRun/AutoPlay configuration, exploitation could occur without any
interaction from the user.
Secunia is warning of a buffer overflow vulnerability in Apple's
QuickTime Player that could enable a malicious web page to execute
arbitrary code. No fix is currently available.
Cisco has issued a security advisory warning of a vulnerability involving
hard-coded SNMP community names in its Industrial Ethernet 3000 series
switches. A fix isn't expected until August, although workarounds are
available.
In addition to the above high-profile vulnerabilities, the Black Hat and
Defcon security conferences are going on this week in Las Vegas. Black
Hat concluded on Thursday and Defcon runs from today (Friday) until
Sunday. The presentations at the two are of high interest worldwide to
hackers and malicious code writers. Sunbelt Software malware researchers
and malware analysis tool developers were in attendance at Black Hat and
will be attending Defcon this weekend.
Internet users should:
- be sure anti-virus applications are updated and functional
- avoid opening attachments in spam emails or clicking on links in spam messages
- be cautious opening attachments or following links in email messages from friends
- be especially cautious in web browsing if they use QuickTime Player
- be alert for updates that are expected soon to fix serious vulnerabilities in QuickTime Player, Microsoft Windows and Cisco Industrial Ethernet 3000 series routers