Alerts are on high for several viruses, attacks, and other computer threats expected to target PC users in 2007.
According to the "CA 2007 Internet Threat Outlook," published Thursday by the CA Security Advisor Team, zero-day exploits, drive-by malware downloads, and intricate "phishing" schemes are expected to become more sophisticated and dangerous during the next 12 months, while other threats, such as ransomware and Kernel rootkits, likely will increase in volume, as well.
Additionally, because virus distributors have become increasingly sophisticated, these attacks will be harder to detect, even for the most experienced PC user. Malware writers most likely will blend multiple formats, such as spam-borne Trojans and cross-site scripting code loaded onto legitimate websites, and adopt new, covert distribution methods in an effort to cloak their activity on PCs and circumvent antivirus systems.
Meanwhile, it also is expected that hackers will continue to contaminate search engine rankings and to perpetuate click-fraud on advertising networks, the report stated.
Coincidentally, the report was published on the same day Microsoft’s security response team launched investigations into reports of a zero-day attack against a previously unknown vulnerability in Microsoft Word.
Discovered during a live attack by antivirus vendor Symantec, the zero-day threat uses an exploit to drop "back door" files onto a computer when an infected Word document is opened, thus giving the attacker remote access to a user’s computer.
The incident resembles similar attacks against flaws in the Microsoft Office software products and has prompted conjecture among security researchers that corporate or government espionage could play a part in the viruses.
If the Word vulnerability continues, Microsoft is expected to issue a pre-patch advisory with workarounds or suggested actions for vulnerable customers.
