Beat back the hacks

Seems like Techememe is now listing that Business Week article “Can Adobe Beat Back the Hackers?”, which I mentioned on Twitter yesterday.

Here’s the hot line: “Vulnerabilities in such widely used software can cause myriad problems. More than a dozen sites, including those of The New York Times, USA Today, and Nature, have been infected with fake ads that exploit Adobe software.”

The latter phrase should read “exploit older, un-updated Adobe software.” Attackers will use the newest vulnerabilities in hopes of increasing their catch — no surprise. This article contains the worry, but not the general advice readers need: keep your Internet software current.

The more-interesting part of this exploit is mentioned only in passing… trusted websites cannot always assure the third-party content they serve. The Web, as we know it today, is infected… more last week and last June… even trustworthy sites are not sure what they’re serving you.

(There’s also a line later on: “Historically, Adobe hasn’t had to contend with attacks, so it hasn’t been focused on potential weaknesses.” The Internet Archive has pages from the Macromedia Security Zone dating back to 2002.)

Summary: Yes, criminals are trying to exploit you. But to reduce the risk, keep your Internet software current. And consider using browser software (such as an ad-blocker) to monitor third-party content which may be attached to a trusted site.