Home > Daily Thoughts, Emerging Threats, Exploits, Vulnerability > Non-Win32 Malicious Files

Non-Win32 Malicious Files

There are heaps of Non-Win32 malicious file currently in the wild. These files are crafted to allow attackers to remotely execute arbitrary code.  Although, it exploits known vulnerabilities, but still attackers find it useful as most of us do not bother applying security updates. So, the effect is massive installation of various threats in your computer.

FileType: SWF
Solution: Flash Player Update

FileType: RIFF Windows Animated Cursor
Solution: Microsoft Security Bulletin MS07-017

FileType: PDF
Solution: Adobe Reader and Acrobat Security Update

FileType: RAR
Solution: Update to latest version (version 3.61 and onwards)

Other non-exploited files:

FileType: DOC, Excel, PPT, JPEG, CHM
Behaviour: Drops and Install malicious EXE file

Filetype: ASF (Windows Audio/Video Files)
Behaviour: Connects to remote IP address to download malicious EXE file

For these kind of files, please make sure its coming from trusted source and make sure you have security software with updated signature installed.

Related Post:
Inside Exploited PDF
ASF File Specification & Recent Threats
Malicious CHM

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: