Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3015
Total: 3017









Author Topic: Autocad attacks return after four years in wilderness (AL/Utax-A, AL/Logo-A)  (Read 2799 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Viruses attacking users of the Autocad computer assisted design application have recently resurfaced after taking a four-year hiatus, prompting a call from one security watcher for more to be done to done to prevent such outbreaks.

And indeed, that's exactly what Autodesk, the California-based maker of the high-end program, has pledged to do.

Over the past few weeks, Sophos Senior Threat Researcher Paul Baccas has spotted two viruses that target Autocad. One of them, dubbed AL/Utax-A, attempts to create new users, a sign that the virus writers are acting out of malicious intent, he said. A newer pest called AL/Logo-A is more of a nuisance. According to an analysis that isn't yet complete, it copies itself to Autocad files, but it isn't believed to modify or delete any data.

To be sure, the resurgence is small, but Baccas says it highlights a very real vulnerability in Autocad and other applications that employ user-generated scripts to automate repetitive tasks. While Microsoft made significant changes to its Office 2007 to blunt the threat of macro-borne attacks, many other application makers have yet to follow suit.

"It's always good for developers to think about security and security holes, especially if they are providing an automated scripting language to automate tasks," Baccas told The Register. "I would like to talk to people from Autodesk about this problem."

Autocad developers are already on the case, said Noah Cole, a senior communications manager at Autodesk. The next version of the program will be redesigned so scripts are loaded in a "more secure and trusted manner," he said.

The most recently discovered virus spreads through a scripting file called acad.vlx, which is transmitted when designers exchange their work. Once it's on a user's machine, it gets loaded each time Autocad is started. Similar Autocad viruses were reported in 2005, but have largely been dormant since then.

Sophos and most other anti-virus programs detect the viruses, Cole said.

More about the viruses is here: http://www.sophos.com/blogs/sophoslabs/?p=5969 and here: http://autodesk.blogs.com/between_the_lines/2009/08/malicious-code-alert-acadvlx-and-solution.html

(Register)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023