Web browser flaw prompts warning (June 26)

Pepperoni · Jun 27, 2004

http://news.bbc.co.uk/2/hi/technology/3840101.stm
Users are being told to avoid using Internet Explorer until Microsoft
patches a serious security hole in it.
The loophole is being exploited to open a backdoor on a PC that could let
criminals take control of a machine.

The threat of infection is so high because the code created to exploit the
loophole has somehow been placed on many popular websites.

Experts say the list of compromised sites involves banks, auction and price
comparison firms and is growing fast.

Serious problem

The net watchdog, the US Computer Emergency Reponse Center (Cert), and the
net security monitor, the Internet Storm Center, have both issued warnings
about the combined threat of compromised websites and browser loophole.

Cert said: "Users should be aware that any website, even those that may be
trusted by the user, may be affected by this activity and thus contain
potentially malicious code."

In its round-up of the threat the Internet Storm Center bluntly stated that
users should if possible "use a browser other then MS Internet Explorer
until the current vulnerabilities in MSIE are patched."

Conor · Jun 27, 2004

http://news.bbc.co.uk/2/hi/technology/3840101.stm
Users are being told to avoid using Internet Explorer until Microsoft
patches a serious security hole in it.
The loophole is being exploited to open a backdoor on a PC that could let
criminals take control of a machine.

Yeah we know, I posted about it the other day.

Spacen Jasset · Jun 27, 2004

Microsfoft seem to be lax at times when it comes to deciding to actualy fix
a problem. There are alternatives to internet explorer that work just
aswell, if not better in some areas.

Bart Bailey · Jun 27, 2004

In its round-up of the threat the Internet Storm Center bluntly stated that
users should if possible "use a browser other then MS Internet Explorer
until the current vulnerabilities in MSIE are patched."

Of course, you might want to continue to use this alternative browser to
avoid being victimized by any future exploits of MSIE.
So much nicer to simply read about the tribulations of those
unfortunates, than to be one.

=?iso-8859-1?Q?Eep=B2?= · Jun 28, 2004

Mm, doncha just love vague warnings with no specifics. Bah...take this with a grain of salt, people.

Pepperoni · Jun 28, 2004

It was vague because the method is still being investigated, and the malware
downloaded varied greatly. The malicious website from which the malware
packages were downloaded was blocked. (Friday, I believe)

So far the server/browser combination has not been given a single name. In
its warning about the problem Microsoft calls it download.ject but others,
such as F-Secure, are calling it Scob.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=126241

http://www.microsoft.com/security/incident/download_ject.mspx

The trojan was acquired by merely visiting an altered web page. It took
several days to identify key files associated with the infection. The
presence of the files Kk32.dll and Surf.dat are indications of
exposure. Additional packages were downloaded, and varied widely.
Currently the downloads are blocked, but varients are being expected.
Current AV updates should detect and remove the critter.

BoB · Jun 28, 2004

It was vague because the method is still being investigated, and the malware
downloaded varied greatly. The malicious website from which the malware
packages were downloaded was blocked. (Friday, I believe)

So far the server/browser combination has not been given a single name. In
its warning about the problem Microsoft calls it download.ject but others,
such as F-Secure, are calling it Scob.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=126241

http://www.microsoft.com/security/incident/download_ject.mspx

The trojan was acquired by merely visiting an altered web page. It took
several days to identify key files associated with the infection. The
presence of the files Kk32.dll and Surf.dat are indications of
exposure. Additional packages were downloaded, and varied widely.
Currently the downloads are blocked, but varients are being expected.
Current AV updates should detect and remove the critter.

I wonder if OffByOne, 'the 1 meg wonder browser' would have
been affected. It's the first browser I try on unknown sites.
If it's a NoGo, I next try Firefox with java and java script
disabled. I have IE6 fully updated and set up to be 'dumb as
a box of rocks', but seldom use it.

BoB

Bart Bailey · Jun 28, 2004

I wonder if OffByOne, 'the 1 meg wonder browser' would have
been affected. It's the first browser I try on unknown sites.

I haven't found a site yet that compromised OB1,
nor Opera for that matter. I think you have to have the proper worm
handler plugin installed, you know, the one called MSIE/OE <g>

Unpatched Microsoft XML Core Services flaw increasingly targeted inattacks	1	Jun 21, 2012
Serious security flaw found in IE	7	Dec 16, 2008
Sites exploit Windows image flaw	2	Dec 29, 2005
Serious security flaw found in IE	52	Dec 16, 2008
Critial Internet Explorer Bug	26	Dec 16, 2008
Adobe fixes critical Flash flaw	4	Jun 14, 2010
Warning comes after Microsoft warns on bug in browser	6	Sep 20, 2012
Poisoned PowerPoint attacks users	3	Jul 24, 2006

Web browser flaw prompts warning (June 26)

Pepperoni

Conor

Spacen Jasset

Bart Bailey

=?iso-8859-1?Q?Eep=B2?=

Pepperoni

BoB

Bart Bailey

Ask a Question

Similar Threads