Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Trojan Threatens Windows XP SP 2

Posted by michael on from the unplug-your-computer-for-protection dept.

lightdarkness writes "Symantec is reporting about a new virus called Phel (Anagram of 'help') which is a Trojan which spreads via a HTML file. All the user needs to do is go to the page, and it takes advantage of the vulnerability in the IE Help control component files. This allows the attacker to download malicious programs on to the machine. Worst part is, this is one of the exploits that even effects SP2. Microsoft is said to be working to stop the spread, and to release a patch." The exploit is apparently not the same as the help file problems disclosed last week.

9 of 241 comments (clear)

  1. More appropriate name for Internet Explorer by Anonymous Coward · · Score: 0, Informative

    IE - Internet Exploiter

  2. Trojan Condoms? by Vampyre_Dark · · Score: 2, Informative

    Who says trojans are bad?

    You can pull one over your case and stop the spread of windows and aol. Shipping a trojan condom with AOL cds could also help stop the reproduction of aol users. Way to go Trojan! You set a good example for the rest of us. Windows XP std2 is a threat to us all, and with your help, we may just annihilate it yet! Of course, then you are still at risk for penguin gout, and gnu herpes.... but that's a post for a different story(most likely the double posting of this).

  3. Wow!, please! by xcfx · · Score: 2, Informative

    Quite frankly, I can't understand why people get "impressed", I mean, let's look at history for a while... it isn't something new -- for the past probably, let's say 7 years Microsoft has been making the same mistakes over and over. It's nothing new that every vulnerability that is found affect their "benevolents" Service Packs, happened with Service Pack 1 and now 2 in Windows XP, happened with all the Service Packs on NT, and then Windows 2000... seriously. All I have to say is, Microsoft is like a teenage girl -- you never know what you're gonna get --JR.

    --
    WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR!
  4. Re:Windows Help....bah humbug by PeterPumpkin · · Score: 2, Informative

    I believe in Windows XP theres a Help and Support service that you can disable, although that may be Compaq-specific. I've never tried killing it.

  5. They always want to catch the bad guys... by borfast · · Score: 4, Informative

    Microsoft is working to forensically analyze the malicious code in Phel and will work with law enforcement agencies to identify and bring to justice those responsible for the malicious activity, he said.

    They always want to catch the bad guys but Microsoft itself is never held responsible fot the damages their crippled software causes.

    As a software developer myself, I know it's almost impossible to make a big software product 100% bug free but come on... Microsoft's software is becoming ridiculous!

  6. OSS , GNU/Linux VS Mircosoft by Moulinneuf · · Score: 2, Informative

    There would be a fix by now if it where an OSS , Gnu/Linux project.

    --
    I am a REAL American from Canada , not a wanna-be from the country , self called "last remaining superpower" "of America
  7. Re:I wonder how much market share... by eyeball · · Score: 3, Informative

    Microsoft will lose before it manages to put out a new and more secure version of IE (assuming that is even possible ;-)).

    Or a lite version. They're fighting an uphill battle -- they need to keep their code compatible with the buttload of non standard features they've introduced over the years (mainly things like activex windows-specific plugins) that people have build applications on top of. If they were to release something that was stripped down (yet retained all the functionality of something on the level with Firefox) and gave the user a choice to install the backwards-compatible mess, they might get out of this situation.

    Of course they won't because that gives people a migration path off IE (and eventually off Windows).

    --

    _______
    2B1ASK1
  8. Virus/Trojan problems for Microsoft go way back by totallygeek · · Score: 2, Informative

    For those interested, check out this source code. Virus and Trojan problems seem to just gravitate toward Microsoft products. So, Microsoft is the problem.

    --
    Click here or here.
  9. Re:Microsoft happy with IE? by Com2Kid · · Score: 2, Informative
    • so what exactly processes HTML in windows again? Some third party plugin? No... IE? ahhh... what a shame... and here I thought that there was no need to do anything to IE as it is so perfect...


    The purpose of using IE is that it enables Windows to have a single HTML renderer loaded up into memory for a wide variety of tasks. By switching over to HTML based help, Microsoft has consolidated various rendering engines into one (HTML, specifically IE), all while reducing the overall memory footprint used up by the system.

    Now this is all good and fine, and should work perfectly, just so long as the system properly maintains what security level a given file is in.

    This is a key issue, apparently MS keeps screwing this up...

    Aside from that (doh!), IE integrated into the system is very convenient.

    VERY convenient! With a sufficiently fast Internet connection, the difference between the Internet and one's own computer is quickly blurred.
    --
    Need help treating your acne? Come here!