IIS is a sitting duck
Before Microsoft got its security act together, one of their most vulnerable products was one of the most exposed: IIS (Internet Information Server), the web server that comes with Windows. Both the Code Red and Nimda botnets were highly successful in exploiting vulnerabilities simply by sending HTTP requests to IIS servers.
eEye Digital Security employees Marc Maiffret and Ryan Permeh. They named it "Code Red" because Code Red Mountain Dew was what they were drinking at the time.
Code Red was the first widespread exploitation of IIS vulnerabilities and must have been one of the major motivations behind Bill Gates's decision to make security a major priority at Microsoft. Within a few years IIS did a Charles Atlas, going from 90-pound security weakling to the most secure web server available. But at the time, IIS's reputation was deservedly in the gutter.
Nimda was also a pioneer in the use of multiple infection vectors: besides attacking IIS, it could spread via email, network shares, visits to compromised web sites, and back doors left by other bots.
iPwn! Hack an iPhone with an SMS message
Charlie Miller, now an engineer at Twitter, has long been known as one of the top researchers of Apple products. In August 2009 at the Black Hat security conference, Miller outdid himself with an iPhone hack that must have rattled some chains at Apple.
Miller, along with Collin Mulliner, demonstrated how they could send an SMS text message to an iPhone and compromise the phone automatically when the message was received.
The vulnerability led to no real-world attacks because Miller reported it responsibly to Apple, which had an update out in time for Black Hat. Had the wrong people discovered it earlier, the consequences would have been severe.
To this day, the iPhone SMS hole remains one of the most eye-opening security vulnerabilities ever.
Image: Charlie Miller
Adobe Acrobat & Reader. Now we fear PDFs.
Adobe's PDF document format, long ago released as an open standard, has become one of those formats that you can assume everyone can read. Lots of software reads PDF files, but most people still use the Adobe Reader program to do it. In the mid- to late '00s, numerous vulnerabilities led to numerous exploits using numerous malicious PDFs to turn numerous Windows users into bots.
As with the Flash vulnerabilities of years gone by, none of the Acrobat/Reader vulnerabilities really stood out over the others. What stands out is the steady parade of them and the consequent need for frequent updates.
As with Flash vulnerabilities, Adobe has steadily hardened Reader and Acrobat so that vulnerabilities are fewer and less severe.
Image: Security @ Adobe blog