2 Comments

Summary:

Folks over at SANS have warned of a recent antivirus update that blocks access to servers and generates lots of false positives. One system administrator at a large financial services firm told us, on condition of anonymity, that the new Trend Micro pattern file took down […]

Folks over at SANS have warned of a recent antivirus update that blocks access to servers and generates lots of false positives. One system administrator at a large financial services firm told us, on condition of anonymity, that the new Trend Micro pattern file took down 300 systems within his organization.

“A pattern file caused slower performance for users attempting to access large files,” was all Christina Sarracino, a media contact at Trend, would tell us. So it’s unclear why people are reporting that the patch affected Oracle and Domino servers. Trend also wouldn’t explain what kinds of testing their patches undergo before release (though as a security firm, that’s probably a good thing.) Trend fixed the problem, which existed in a patch released on Feb. 12, with two patch updates later that day.

In the face of computer security threats, the world has automated all its security, from antivirus checking to spyware scanning to OS updates. And each of us has dozens of computing devices around us every day, from iPhones to Internet Tablets to game consoles. The bad guys have a lot more connected devices in which to hide their code.


Back in January, Marcus Sachs of the Internet Storm Center told The Register that “trying to (infect a product) all the way back at the factory…would be pretty hard to do.” Well, it didn’t take long. Late last month, Insignia, a maker of digital picture frames, announced that some of its frames had been infected with a virus in the manufacturing process.

Today the San Francisco Chronicle is reporting on a particularly nasty piece of malware that runs on frames and is designed to harvest personal data. Many of the higher-end frames connect to the Internet to pull photos down from photo-sharing sites, so they’re a good target too.

Is my Chumby next?

You’re subscribed! If you like, you can update your settings

  1. “Trend also wouldn’t explain what kinds of testing their patches undergo before release (though as a security firm, that’s probably a good thing.)”

    Why might that be? To me it sounds like you endorse security through obscurity, and we all know how silly that is.

  2. Alistair Croll Friday, February 15, 2008

    I agree (and would have liked them to be a bit more forthcoming.) But I imagine they get hundreds of wannabe script-kiddies trying to socially engineer their PR people, so they’re probably more trained than most not to divulge anything.

    Security through obscurity is daft.

Comments have been disabled for this post