silversurfer

Level 59
Verified
Trusted
Content Creator
Malware Hunter
Researchers have identified the use of Windows 10 functionality to automatically execute the OSTAP JavaScript downloader on victim machines. In their investigation, they found other attack groups abusing the same control, and earlier controls, with a slightly different technique.

The functionality being exploited is the latest version of the remote desktop ActiveX control class introduced for Windows 10, Morphisec Labs analysts explain in a blog post. Over the past few weeks, they have identified "a couple dozen documents" that execute the OSTAP JavaScript downloader.

Attackers use the ActiveX control to automatically execute a malicious macro after a victim enables a document. Most documents held an image to convince people to enable the content. Doing this executed the malicious macro; however, the image also concealed an ActiveX control below it. The OSTAP downloader is hidden in white text so it's invisible to people but can be read by machines. Researchers report this technique will work only on Windows 10 devices.

"As newer features are introduced to a constantly updating OS, so too the detection vendors need to update their techniques to protect the system," according to the blog post. "This often creates very exhaustive and time-consuming work, which in turn can lead to the opposite effect of pushing defenders even farther behind the attacker." Trickbot attackers are taking advantage of this.

Read more details here.
 

Andy Ful

Level 57
Verified
Trusted
Content Creator
But look a little .......😁😁
Strange that cyber criminals focus on W10 when most would prefer that they focus on Windows XP, Windows Vista, Windows 7 .......
It is probably true (as you suggest in your joke :) ) that Windows 10 can be the most attacked system because it is now the most popular one. Anyway, this can be compensated by the fact that it is also the most secure one. Most of the successful attacks on institutions, organizations, and enterprises were possible due to unpatched vulnerabilities - almost all of them could be patched long before the attack.
It can be also true, that Windows XP will be the most secure system in 5 years, because it will be almost impossible to find it installed on any machine.:)
 

Sampei Nihira

Level 6
Verified
It is probably true (as you suggest in your joke :) ) that Windows 10 can be the most attacked system because it is now the most popular one. Anyway, this can be compensated by the fact that it is also the most secure one. Most of the successful attacks on institutions, organizations, and enterprises were possible due to unpatched vulnerabilities - almost all of them could be patched long before the attack.
It can be also true, that Windows XP will be the most secure system in 5 years, because it will be almost impossible to find it installed on any machine.:)
True, W.10 is the safest Windows OS of the previous ones.
It doesn't seem difficult to me.;)
Like tomorrow, an OS W.11 will be safer than the current one.

But how much more code than W.XP is there in an OS W.10?
So much so that there are certainly dangerous vulnerabilities just waiting to be discovered.(y)
Malware-writers today develop malware that targets this unique Windows OS in the vast majority of cases.
And above all specific for OS x64.

As a matter of fact, the Windows OSes of the past will gradually become safer.
 

Andy Ful

Level 57
Verified
Trusted
Content Creator
...
But how much more code than W.XP is there in an OS W.10?
So much so that there are certainly dangerous vulnerabilities just waiting to be discovered.(y)
...
As a matter of fact, the Windows OSes of the past will gradually become safer.
We have now the situation that there are some Windows XP kernel vulnerabilities that will be probably discovered and not patched, so they will be a bulletproof door to any XP machine. Furthermore, there are fewer and fewer applications on Windows XP, which do not have vulnerabilities, because the vendors simply do not support them anymore. Windows XP can be attacked by vulnerabilities discovered in Windows IoT (Windows Embedded). Most malware can still infect Windows XP.
On the other side, we have Windows 10 which introduces many more vulnerabilities, which are usually patched (but not always) before they are used in the wild.

No one can evaluate the chances of being infected on Windows XP (restricted as in your setup) as compared to default Windows 10 setup, because they depend mostly on cybercriminals.
So you have the security choice similar to choosing between a long journey in a good new car or the short trips in the very old car repaired by you. :) (y)
 
Last edited:

Sampei Nihira

Level 6
Verified

Even today, Windows XP installations outnumber Linux installations.
And after the end of extended support, no XP-apocalypse occurred as predicted by many of you.

As I have always said, I also personally use an OS W.10 as well as an OS W.XP which, however, in my hands and with my knowledge and security configuration remains as safe as many of the configurations present in the specific subforum.

No difficulty finding updated software even today.
The same MBAE latest build can be installed with Windows XP.

Certainly we who use the OS Windows of the past must take more care than others to make a more restrictive setting in some components for example the browser.
 

Andy Ful

Level 57
Verified
Trusted
Content Creator
One remark about being attacked on Windows 10 and on Windows XP.
Suppose that I have a choice between Windows XP and vanilla Windows 10.
Let's assume that the chances of infection will be twice bigger on Windows 10 (????) due to the custom restrictions and anti-exploit software on Windows XP. Still, I will choose Windows 10, because I prefer to catch a cold twice than get one cancer.;)
 

Sampei Nihira

Level 6
Verified
One remark about being attacked on Windows 10 and on Windows XP.
Suppose that I have a choice between Windows XP and vanilla Windows 10, and the chances of infection will be twice bigger on Windows 10 (????) due to the custom restrictions and anti-exploit software on Windows XP. Still, I will choose Windows 10, because I prefer to catch a cold twice than get one cancer.;)
With Covid 19 almost becoming a pandemic, having a cold today is risky for health.;)
 

Outpost

Level 5
Verified
@Sampei Nihira

To be honest, you and your XP are a borderline case. (And this is meant to be a compliment) I think @Andy Ful intends to say (if I am wrong interpretation, feel free to deny me) that nowadays (to stay on topic with the medical example) is having an XP system is like being a subject who already has pathologies and because of Covid, it could have serious consequences. Then there are the exceptions (as in your case), an elderly person (OS) who is kept up to date (nutrition), who keeps himself in shape, who has no particular pathologies, who performs weekly medical checks. All this, however, is an exception, because if you admit it, the average situation (the outside) is definitely worse than you.
 

Sampei Nihira

Level 6
Verified
@Sampei Nihira

To be honest, you and your XP are a borderline case. (And this is meant to be a compliment) I think @Andy Ful intends to say (if I am wrong interpretation, feel free to deny me) that nowadays (to stay on topic with the medical example) is having an XP system is like being a subject who already has pathologies and because of Covid, it could have serious consequences. Then there are the exceptions (as in your case), an elderly person (OS) who is kept up to date (nutrition), who keeps himself in shape, who has no particular pathologies, who performs weekly medical checks. All this, however, is an exception, because if you admit it, the average situation (the outside) is definitely worse than you.
You are definitely right.(y);):)
 
Top