Threat P.W.HPDFDI.2

URI: P.W.HPDFDI.2

Package: VulnerabilityCVSS

< prev | next >

Description: Infection of Process via malware in flow of Data from FlowsFrom: if the copy of Data received from FlowsFrom is infected with malware, process Process may become infected when it consumes the data as an input.

Threat Type: Primary Threat

Matching Pattern:

P.W.HPDFDI.2
MP-HPDFDI

Finds a Host running a Process that receives an incoming Data Flow and uses it as input, plus optionally the host and process managers. The Process is matched twice, so it can be referred to by either role name.

        (empty)

        (empty)

        (empty)

CSG-AntiMalwareAtHost

Anti-malware software is installed on device Host and kept up to date by regular software patches, and so can detect and prevent the execution of malicious code.

CSG-AutoSuspendCorruptDataFlow

The flow of data Data from FlowsFrom to FlowsTo can be automatically disabled to prevent corrupt or malicious content (including malware) from disrupting the receipient FlowsTo. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-AutoSuspendCorruptDataFlow-Implementation-Runtime

The flow of data Data from FlowsFrom to FlowsTo has been automatically disabled to prevent corrupt or malicious content (including malware) from disrupting the receipient FlowsTo. This strategy represents activation of a contingency plan at runtime, and can be enabled to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Activation at runtime requires FlowsTo to be managed by a suitable adaptation framework. The Disabled Data Flow control should be deselected if and when the flow of data is enabled once again.

CSG-PatchingAtProcess

Use a systematic procedure for regular security patching of software used (including hosted process Process) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately for Process should the need for them become urgent.

CSG-PatchingAtProcess-Implementation

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in process Process. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager.

CSG-SuspendCorruptDataFlow

The flow of data Data from FlowsFrom to FlowsTo can be temporarily blocked by the manager ProcessManager of recipient process FlowsTo to prevent corrupt or malicious content (including malware) from disrupting the process. This strategy represents a contingency plan, which can be used to reduce risk from some threats but it also triggers other threats representing possible side effects, depending on how likely it is that the contingency plan will need to be activated.

CSG-SuspendCorruptDataFlow-Implementation-Runtime

The flow of data Data from FlowsFrom to FlowsTo has been disabled by the manager ProcessManager of FlowsTo to prevent corrupt or malicious content (including malware) disrupting the process. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user ProcessManager who is responsible for managing process FlowsTo. The Disabled Data Flow control should be deselected only when the flow of data is enabled again.