Silverlight Targeted by Exploit

Tuesday, November 19, 2013 @ 08:11 PM gHale

There is now an exploit for a vulnerability in Microsoft’s Silverlight browser plug-in.

Exploit kits are Web applications that check if visitors run outdated software on their computers and then exploit vulnerabilities in that software to install malware. They usually target popular applications accessible through browser plug-ins, such as Java, Flash Player and Adobe Reader.

Filling the Blackhole Void
Exploit Kit Replacement
Police Bust Blackhole Creator Suspect
FBI Busts Drug Web Site Owner

The attacks launched by exploit kits, called drive-by download attacks, have become one of the most effective methods of distributing malware.

According to an independent malware researcher who uses the pseudonym Kafeine, aside from Java and Flash Player, the web-based attack tool called Angler Exploit Kit (Angler EK) is now also targeting Silverlight, a runtime environment for rich Internet applications developed by Microsoft.

Angler EK appeared last month, shortly after the creator of the popular Blackhole exploit kit ended up busted in Russia. The kit is seeing use by the gang behind the Reveton ransomware that impersonates law enforcement agencies and asks victims to pay non-existent fines.

Before switching to Angler, the Reveton gang used Cool Exploit Kit, a more high-end version of Blackhole, Kafeine said in a blog post.

Angler includes an exploit for a remote code execution vulnerability in Silverlight 5 that’s known as CVE-2013-0074 and patched by Microsoft in March, Kafeine said.

It’s not clear how many users have Silverlight installed on their computers, but their number is likely to be in the tens of millions.

Most Netflix users need Silverlight, and there are more than 40 million Netflix subscribers, so there are enough potential targets to make a Silverlight exploit attractive.

Angler EK loads the Silverlight exploit only if the Java or Flash Player versions installed on the computer are not vulnerable, researchers said.

Silverlight users should make sure they have all the patches available for the software installed. Silverlight security patches normally distribute through the Windows Update mechanism.

Leave a Reply

You must be logged in to post a comment.