PC Review


Reply
Thread Tools Rate Thread

IFRAME Exploit Spreading Through Banner

 
 
JM Tella Llop [MVP Windows]
Guest
Posts: n/a
 
      21st Nov 2004
IFRAME Exploit Spreading Through Banner Ads Security
http://news.netcraft.com/archives/20...anner_ads.html

Banner ads appearing on popular European web sites have been directing
traffic to sites that install malware on visitors' computers,
according to the Internet Storm Center. The attacks are exploiting an
unpatched flaw in the way Internet Explorer 6 handles the IFRAME tag.

"Some high profile sites with banner ads are linking to servers that
have the exploit and malicious code," according to an advisory on the
ISC web site. The attack is an expanded version of banner-based
exploits that first surfaced earlier this year. Banner networks, with
their ability to place code on hundreds of outside sites, offer a
vehicle for the rapid distribution of trojans and other malware, as
well as a way to deface web pages. It is not clear whether the
malicious code was being spread through a compromised ad server, or
through specific banners submitted to ad networks.

Site operators are being cautioned to verify that the banners do not
contain the IFRAME exploit code, or failing that, temporarily disable
banner ads to minimize the risk of accidentally infecting users and
propagating the exploit. The ISC did not identify any of the affected
sites.

Users clicking on the banners are being infected with variants of the
Bofra worm that has been propragating through e-mail and malicious web
sites. Bofra appeared just days after the revelation of the IFRAME
vulnerability, which affects Internet Explorer 6 on all Windows
platforms except Windows XP Service Pack 2 (SP2). This vulnerability
allows attackers to gain complete control of a user's computer.

Microsoft has not issued a patch for the Internet Explorer IFRAME hole
for users that have yet to install SP2. However, a German security
researcher has issued an independent patch, prompting discussion among
security vendors about the risks of "unofficial" patches.

Windows XP SP2 has been downloaded more than 105 million times,
according to Microsoft, but some corporate IT departments have
reported problems with installations. The ISC recommended that IE6
users who haven't installed the SP2 update "utilize a different web
browser until a patch is released by Microsoft."

--
Jose Manuel Tella Llop
MVP - Windows
(E-Mail Removed) (quitar XXX)
http://www.multingles.net/jmt.htm

Este mensaje se proporciona "como está" sin garantías de ninguna
clase, y no otorga ningún derecho.

This posting is provided "AS IS" with no warranties, and confers no
rights.
You assume all risk for your use.
 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IFRAME Exploit Spreading Through Banner JM Tella Llop [MVP Windows] Windows XP General 1 21st Nov 2004 09:29 PM
IFRAME Exploit Spreading Through Banner JM Tella Llop [MVP Windows] Windows XP New Users 1 21st Nov 2004 09:09 PM
IFRAME Exploit Spreading Through Banner JM Tella Llop [MVP Windows] Windows XP Customization 0 21st Nov 2004 07:10 PM
IFRAME Exploit Spreading Through Banner JM Tella Llop [MVP Windows] Windows XP Configuration 0 21st Nov 2004 07:10 PM
IFRAME Exploit Spreading Through Banner JM Tella Llop [MVP Windows] Windows XP Accessibility 0 21st Nov 2004 07:10 PM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 10:25 AM.