Staying Secure: Corrupted Software Files

Wednesday, July 28, 2010 @ 06:07 PM gHale


EDITOR’S NOTE: All users must remain vigilant about security. It just doesn’t happen because of technology, people must stay on top of their game to stay secure. The following is a short story on how users can protect themselves. ISSSource will incorporate these stories from US-CERT on an occasional basis.
An attacker can insert malicious code into any file, including common file types normally considered safe.
These files may include documents created with word processing software, spreadsheets, or image files. After corrupting the file, an attacker may distribute it through email or post it to a web site. Depending on the type of malicious code, you may infect your computer by just opening the file.
When corrupting files, attackers can take advantage of vulnerabilities they discover in the software used to create or open the file. These vulnerabilities allow attackers to insert and execute malicious scripts or code, and detection does not always occur. Sometimes the vulnerability involves a combination of certain files (such as a particular piece of software running on a particular operating system) or only affects certain versions of a software program.
There are various types of malicious code, including viruses, worms, and Trojan horses. However, the range of consequences varies even within these categories. The malicious code may perform one or more functions, including:
• Interfering with your computer’s ability to process information by consuming memory or bandwidth (causing your computer to become significantly slower or even “freeze”);
• Installing, altering, or deleting files on your computer;
• Giving the attacker access to your computer;
• Using your computer to attack other computers.
There are various forms to protect you system:
• Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses, so you may be able to detect and remove the virus before it can do any damage. Because attackers are continually writing new viruses, it is important to keep your definitions up to date.
• Use caution with email attachments – Do not open email attachments that you were not expecting, especially if they are from people you do not know. If you decide to open an email attachment, scan it for viruses first. Not only is it possible for attackers to “spoof” the source of an email message, but your legitimate contacts may unknowingly send you an infected file.
• Be wary of downloadable files on web sites – Avoid downloading files from sites that you do not trust. If you are getting the files from a supposedly secure site, look for a web site certificate. If you do download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it.
• Keep software up to date – Install software patches so attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
• Take advantage of security settings – Check the security settings of your email client and your web browser. Apply the highest level of security available that still gives you the functionality you need.



Leave a Reply

You must be logged in to post a comment.