Don't Let Your Users Get Sucked into the Blackhole!
November 07, 2011 | POSTED BY BRETT EDGAR IN MALWARE, SECURITY
So what can corporate IT security administrators do to prevent this attack? There are several options. First, you can make sure that your Adobe Reader, Flash, and Java Runtime software on all of your client computers are being updated on a regular basis. This option is much easier said than done once you have more than a dozen PCs to worry about. There are some corporate systems management suites (e.g., LANDesk, Microsoft Systems Center Configuration Management, etc.) that could help manage this problem, but they are far from easy to install and wield properly.
The second option is to disallow use of all of this software in the first place. Unfortunately, in the modern corporate world all three of these applications are nearly essential to conduct business. Flash and Java are perhaps slightly less essential than Adobe Reader, but there are quite a few legitimate business-related websites that fail miserably if either of these software packages are missing.
The third option is probably the best: install a web filter that blocks Flash and Java except from white-listed websites. Unfortunately, installing a web filter usually requires a bit of a culture change and, for reasons I can't understand, corporate legal counsels are all too often scared of approving its use.
Anybody have other suggestions on how to attack this problem?