Advertisement
Promo

Security threats Toolkit

Gartner: Beware of Bofra exploit

Dan Ilet ZDNet.co.uk

Published: 25 Nov 2004 16:50 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Hackers are set to increase their use of banner ad exploits as a means of gaining remote control of computers.

Analyst firm Gartner has predicted that attacks using the Bofra (buffer overflow frame exploit) or IFRAME exploit will become more common, especially around systems with sloppy patching.

In an emailed report issued on Thursday, the company said: "Gartner believes that attacks of this type will become increasingly common, especially around transition points -- systems where multiple versions of software (such as Windows 2000 and XP) are in use without full patches across both platforms."

The Bofra attack exploits an unpatched Internet Explorer 6.0 browser vulnerability, affecting Windows 2000 and Windows XP Service Pack 1 (SP1). Computers running SP2 not affected by the bug, but Apache Web servers are. The analyst company recommended businesses using Apache Web servers to apply security patches as soon as possible.

Earlier this year, Gartner publicly attacked Microsoft, saying companies should not expect the software giant to protect them.

"We've all been part of the biggest beta test the world has ever known -- Windows. Microsoft will not solve all of the security problems, no matter what the richest man in the world says," said Gartner vice-president Victor Wheatman in a keynote speech at Gartner's IT Security Summit in London.

Wheatman added that removing faulty software during operation was costing firms up to 5 percent more than finding flaws during testing.

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
95 out of 158 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related Jobs

Desktop Deployment Analyst (Altiris)

IT SUPPORT-2nd Line-AD-Server2003-XP-WEST LONDON-25-30k

Desktop Support Engineer / 5 years exp / Dublin

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Met will not reopen phone hack investi...

The Metropolitan Police will not reopen its investigation into alleged phone hacking by the News of the World. In a press statement delivered outside Scotland Yard on Thursday, Assistant... More

Post a comment

FUD over ChromeOS's security already?

It hasn't taken long for the security vendors to wake to the potential of Google's new ChromeOS. The potential that is, to create FUD – fear uncertainty and doubt. In a release today,... More

Post a comment

Feds take DDoS in their stride

The US Department of Homeland Security has said that a series of distributed denial-of-service attacks began on US government networks on 4 July. However, Amy Kudwa, deputy press... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters