Wednesday, 24 June 2015

G Data: Windows User Must Install Optional UAC Patch

Windows users would be wise to install an optional update for Windows, other malware can use a trick to get unnoticed administrator rights on the computer, so advises the German anti-virus company G Data.Following the spread of the Dridex malware.

This is a Trojan horse that recently in Belgium for major damage caused by the banking system to attack the Belgian companies use. The malware spreads via e-mail and MHTML document. This document contains a macro that attempts to download a "downloader". The downloader will place the final malware on the system. If the user macros enable the downloader is downloaded in Microsoft Office. To get administrative rights on the computer downloader tries to bypass the UAC window.

Windows User Account Control (UAC) is a security measure designed to protect computers from Microsoft as "hackers and malicious software." As software or a user wants to change some Windows settings or try to perform actions that require administrative privileges displays a UAC warning. The downloader adjusts according to G Data to a popular trick to hide the UAC warning. It uses a customized file SDB . In this case, Windows will not show because UAC window.

Microsoft has released a patch developed that allows the UAC warning is also shown in this case, but this is an optional update. "The malware creators abuse a weakness in Microsoft's operating system to be without displaying the UAC notification system. Therefore, we strongly recommend to install the Microsoft patch, Microsoft even designates it as a required patch," the German anti-virus company. In addition, users advised to not open email attachments from unknown senders and no macros enable foreign documents.

No comments:

Post a Comment