ESET, a worldwide provider of antivirus solutions for business and home environments, recently released its Trends for 2012 report, offering predictions on what the new year has in store for the tech community in terms of malware and other threats.
Contributed by wubayou Rating: / 1 January 17, 2012
It’s not too surprising that ESET listed Microsoft’s Windows 7 operating system as one of 2012’s top targets for cybercriminals in 2012. More and more home and business users are continuing to shift towards the latest OS from Windows XP and other predecessors, prompting research firm Gartner to predict that Windows 7 will become the most widely used operating system by the end of 2012. As is usually the case, cybercriminals tend to target the most popular platforms to get a better return on investment, which puts Windows 7 on the priority list for many. Windows 7 does have improved security technology on its side, but as its defenses become more sophisticated, so will hackers’ attempts to overcome any obstacles in their way.
While Windows 7 is sure to see plenty of negative attention from hackers in 2012, ESET lists mobile devices as the top malware target. Sebastian Bortnik, ESET Latin America’s awareness and research coordinator, said, “In terms of top malware trends for 2012, first place has to go to malware for mobile devices.”
As mentioned, cybercriminals love to place popular items in their crosshairs, and there aren’t many items more popular than mobile devices. Smartphones and tablets are being released at an astonishing rate, and consumers are scooping them up to take advantage of their ever-improving functionality. ESET cites Google’s Android platform as the top mobile target of malware developers thanks to its strong market share.
ESET lists attacks concentrating on specific targets as another area of concern for 2012. Stuxnet made a splash in this area in 2011, as did the Duqu worm. As notorious as those two examples are, similar ones are expected to strike this year.
Lastly, ESET described a trending shift in 2012 toward newer methods of scam and malware distribution. Instead of using traditional avenues such as USB devices, email, or instant messaging, the company predicted that attackers will rely on drive-by downloads, social engineering techniques through sites like Facebook and Twitter, and blackhat SEO techniques that populate search results as more innovative ways to spread their reach.
Microsoft’s First Patch Tuesday of 2012 Features Seven Bulletins
Microsoft is kicking off 2012 in a rather busy fashion, as its first Patch Tuesday of the year will offer seven security updates to help patch a variety of vulnerabilities across its products. The seven updates tie the company’s record for previous Patch Tuesdays for January. Eight holes are expected to be fixed in all when the updates release on January 10 at approximately 1 p.m. Eastern time.
Only one of the updates carries the “critical” rating that Microsoft uses to tag its most crucial releases. The other six updates carry the second-highest rating of “important.” Microsoft said three of the updates deal with remote code execution that could result in undesirable consequences for those running unpatched computers.
One odd addition to the Patch Tuesday lineup is that of an update that is being classified as a security feature bypass, a classification that Microsoft has never used before. Angela Gunn of the Microsoft Security Response Center offered a brief explanation on the category in a blog post, noting: “[Security feature bypass]-class issues in themselves can't be leveraged by an attacker. Rather, a would-be attacker would use them to facilitate use of another exploit.”
While the new security feature bypass classification is interesting, some security experts do not believe its creation means that Microsoft expects many more like it in the future. Andrew Storms, nCircle Security’s director of security operations, said: “I think they just had an oddball and they didn't know what to do with it. Rather than try to shove it into an existing category, like remote code execution or elevation of privilege, they thought, 'Why muck with history? Let's just make a new one.”
Microsoft pulled a patch to fix the BEAST, or Browser Exploit Against SSL/TLS vulnerability last month due to compatibility issues. Whether or not the fix becomes part of this Patch Tuesday remains to be seen, although Storms predicted that it would be included.
The number of updates included in the first Patch Tuesday of 2012 marks a break from tradition for Microsoft, as the company kicked off years in the past with a much lighter load. Only two updates were featured in January 2008’s Patch Tuesday, and a single one was released in January 2009. The past two years were light as well, with 2010 and 2011 January Patch Tuesdays offering just two updates apiece.
Windows Security 
McAfee Identifies Threats for Windows 8 in 2012
