Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Be notified of Websense news, product information, industry events and more.
With cloud infrastructure easily scalable and rented botnets coming on
the cheap, the cost of conducting massive phishing campaigns continues
to decline for cybercriminals. Even if the return rate is small or the
campaign is poorly executed, phishing can result in serious money for
criminals. Phishing will never simply go away—meaning ongoing headaches
for security professionals.
A new vulnerability related to the parsing of TIFF
images was found in the Microsoft Graphics component that affects
Microsoft Windows, Microsoft Office, and Microsoft Lync. Microsoft published Security Advisory 2896666 explaining the details. Microsoft Fix it 51004 is available to alleviate the problem until an update is available.
Our initial research of the exploit indicates that this vulnerability
is capable of affecting Microsoft Office versions 2003, 2007, and 2010
(Office 2010 vulnerability is limited to Windows XP and Server 2003
operating systems) and that it will fail on machines viewing the
documents in protected mode (ActiveX support in documents disabled).
While it is not easy to determine if computers have ActiveX enabled for
Office documents, it is possible to profile vulnerable combinations of
Microsoft Windows and Office to help understand the attack surface. Our telemetry feeds indicate the following breakdown of Microsoft
Office versions deployed in enterprise environments:
As we can see in the sample below, the remote download location for a
dropper is embedded in the
malicious Word document:
Follow us on SpiceWorks
We want to hear from you!