|» IT Security NEWS|
|» 29 August 2010|
|Hackers give Microsoft advance warning|
Hackers who usually develop viruses on windows machines often experience system crashes while testing their code. Rocky Heckman, a senior security architect from Microsoft, said that there were many instances where virus code was sent to Microsoft along with debugging and error information from these machines.
It is a wonder that virus makers actually press the “Send” button when the OS asks them if they’d like to report error details to Microsoft. They overlook the fact that the error information also includes the virus code they are developing.
During last week’s Tech.Ed conference, Heckman’s discussion concerning hacking included the five most used hacking methods and how developers could prevent and protect themselves from such attacks. He taught delegates how the malicious code was created and how it was used in XSS and SQL injection attacks. He also informed them that knowledge about these methods can also be learned from the internet, that he hoped that they use this information ethically, and that this knowledge should be used to improve existing protection methods.
He gave Microsoft’s website as an example which gets attacked more than 7,000 times a second. Taking pride that their website managed to stay online even when a hacker was able to take down a large portion of the internet along with Amazon.com and eBay.
Heckman even sited the reasons why cross-site scripting and SQL injection hacking remain the same even after half a decade since the vulnerability was discovered. The first is that criminals prefer to stick with and practice the knowledge that they know, and that developers who should know better, are not taking the necessary proactive steps to address the issue.
If only developers realize that all the data inputted by a users could be dangerous until these data could be verified to be safe, these kinds of attack could be stopped even before they happen. Heckman believes that if developers listen to his advice, hackers will have to find other vulnerabilities to exploit.