Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.
-
Upload
sarai-lattimore -
Category
Documents
-
view
214 -
download
2
Transcript of Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.
![Page 1: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/1.jpg)
Update your Software or Die!
Wolfgang KandekQualys, Inc.
RMISC 2012 Denver - May 18, 2012
![Page 2: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/2.jpg)
Advanced Persistent Threat(APT)
![Page 3: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/3.jpg)
Advanced Persistent Threat(APT)Or
Mass Malware Attacks
![Page 4: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/4.jpg)
![Page 5: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/5.jpg)
![Page 6: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/6.jpg)
![Page 7: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/7.jpg)
![Page 8: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/8.jpg)
![Page 9: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/9.jpg)
Attack Example #1
![Page 10: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/10.jpg)
ExploitKits
![Page 11: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/11.jpg)
ExploitKitsCVE-2006-0003 (MDAC)
![Page 12: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/12.jpg)
ExploitKitsCVE-2006-0003 (MDAC)…
CVE-2011-3544 (Rhino)
![Page 13: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/13.jpg)
Website
![Page 14: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/14.jpg)
Website ExploitKit Server
![Page 15: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/15.jpg)
Website ExploitKit Server
C&CServer
![Page 16: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/16.jpg)
Website ExploitKit Server
C&CServer
• Has Traffic
• Was exploited to plant links
![Page 17: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/17.jpg)
Website ExploitKit Server
C&CServer
• Serves Exploits
• Browser/Plug-in vulnerabilities
• Has Traffic
• Was exploited to plant links
![Page 18: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/18.jpg)
• Controls malware
Website ExploitKit Server
C&CServer
• Serves Exploits
• Browser/Plug-in vulnerabilities
• Has Traffic
• Was exploited to plant links
![Page 19: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/19.jpg)
Live Demo
![Page 20: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/20.jpg)
![Page 21: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/21.jpg)
![Page 22: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/22.jpg)
![Page 23: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/23.jpg)
Patching
![Page 24: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/24.jpg)
![Page 25: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/25.jpg)
![Page 26: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/26.jpg)
CVE-2011-3544 Java RhinoCVE-2011-2140 Flash 10
CVE-2011-2100 Adobe ReaderCVE-2011-0611 Flash 10
CVE-2010-3971 IE8…
![Page 27: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/27.jpg)
![Page 28: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/28.jpg)
PatchingApps
![Page 29: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/29.jpg)
PatchingApps and Browser
![Page 30: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/30.jpg)
PatchingApps and Browser
and OS
![Page 31: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/31.jpg)
Attack Example #2
![Page 32: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/32.jpg)
CVE-2011-0611
![Page 33: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/33.jpg)
CVE-2011-0611Flash 0-day
![Page 34: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/34.jpg)
Attack VectorE-Mail
![Page 35: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/35.jpg)
![Page 36: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/36.jpg)
The Attachment
![Page 37: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/37.jpg)
![Page 38: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/38.jpg)
![Page 39: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/39.jpg)
Flash 0-dayrunning
![Page 40: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/40.jpg)
The Embedded Attachment
![Page 41: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/41.jpg)
![Page 42: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/42.jpg)
The Malware
![Page 43: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/43.jpg)
Poison Ivy mincesur.com
![Page 44: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/44.jpg)
![Page 45: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/45.jpg)
DEPData Execution Prevention
XP SP2 forward
![Page 46: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/46.jpg)
Live Demo
![Page 47: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/47.jpg)
Attack Example #3
![Page 48: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/48.jpg)
Java Applet AttackPentest Special
![Page 49: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/49.jpg)
![Page 50: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/50.jpg)
![Page 51: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/51.jpg)
![Page 52: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/52.jpg)
![Page 53: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/53.jpg)
Uninstall Java
![Page 54: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/54.jpg)
Restrict Java
![Page 55: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/55.jpg)
Internet Explorer
![Page 56: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/56.jpg)
1C00 to 0 In Zone 3
![Page 57: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/57.jpg)
1C00 to 0 In Zone 3
![Page 58: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/58.jpg)
Google Chrome
![Page 59: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/59.jpg)
Google Chrome
![Page 60: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/60.jpg)
Mozilla Firefox
![Page 61: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/61.jpg)
Mozilla Firefox
![Page 62: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/62.jpg)
Mac OS X
![Page 63: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/63.jpg)
Mac OS X
![Page 64: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/64.jpg)
Mac OS XMade it now simpler
![Page 65: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/65.jpg)
Mac OS XMade it now simpler
Java 1.6U31 will autodisable if
Not used in 35 days
![Page 66: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/66.jpg)
Restrict JavaIE – trusted sites
![Page 67: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/67.jpg)
Attack Example #4
![Page 68: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/68.jpg)
CVE-2011-2462
![Page 69: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/69.jpg)
CVE-2011-2462Adobe Reader 0-day
![Page 70: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/70.jpg)
![Page 71: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/71.jpg)
![Page 72: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/72.jpg)
![Page 73: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/73.jpg)
![Page 74: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/74.jpg)
![Page 75: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/75.jpg)
No JavaScript in Adobe Reader
![Page 76: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/76.jpg)
Live Demo
![Page 77: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/77.jpg)
Counter-measures
![Page 78: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/78.jpg)
Latest PatchesDEP
Restrict JavaJavaScript in Adobe Reader
![Page 79: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/79.jpg)
Non-admin User
![Page 80: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/80.jpg)
![Page 81: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/81.jpg)
Flash 0-dayAdobe Reader 0-day
![Page 82: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/82.jpg)
Microsoft Office 2010Protected View Sandbox
![Page 83: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/83.jpg)
![Page 84: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/84.jpg)
![Page 85: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/85.jpg)
Flash 0-day
![Page 86: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/86.jpg)
Autorun off
![Page 87: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/87.jpg)
NoDriveTypeAutoRun -> FF
![Page 88: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/88.jpg)
MSFT SIR: Malware propagation
![Page 89: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/89.jpg)
Latest Software
![Page 90: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/90.jpg)
Win 7 > XP
![Page 91: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/91.jpg)
Office 2010 > 2007
![Page 92: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/92.jpg)
Adobe Reader X > 9
![Page 93: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/93.jpg)
IE9 > 8,7,6
![Page 94: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/94.jpg)
How to apply what you have seen Configure for Safety
Force DEP On Whitelist Java on the Internet No Javascript in Adobe Reader Non Admin User Autorun off
![Page 95: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/95.jpg)
![Page 96: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/96.jpg)
How to apply what you have seen Run latest software
Office 2010 Adobe Reader X
Be fully patched Applications OS
![Page 97: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/97.jpg)
Questions?
100
![Page 99: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/99.jpg)
Bonus Slides
![Page 100: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/100.jpg)
No Javascript in Adobe Reader
![Page 101: Update your Software or Die! Wolfgang Kandek Qualys, Inc. RMISC 2012 Denver - May 18, 2012.](https://reader038.fdocuments.in/reader038/viewer/2022110320/56649c995503460f94956737/html5/thumbnails/101.jpg)
1C00 -> 0 in Zone 3