Slashdot Mirror


New Trojan Threatens Windows XP SP 2

lightdarkness writes "Symantec is reporting about a new virus called Phel (Anagram of 'help') which is a Trojan which spreads via an HTML file. All the user needs to do is go to the page, and it takes advantage of the vulnerability in the IE Help control component files. This allows the attacker to download malicious programs onto the machine. Worst part is, this is one of the exploits that even affects SP2. Microsoft is said to be working to stop the spread, and to release a patch." The exploit is apparently not the same as the help file problems disclosed last week.

2 of 241 comments

  1. I wonder how much market share... by lordfener · Score: 5, Interesting

    ...Microsoft will lose before it manages to put out a new and more secure version of IE (assuming that is even possible ;-)). I keep hearing from friends who work as IT managers that they are systematically blocking access to IE and installing Firefox on their corporate clients (although that doesn't really shut IE down). IE's getting a really bad rap even in those environments where Microsoft marketing used to have more influence than cold hard facts... and if they don't do something decisive about it rather than releasing ad-hoc patches they're going to have a hell of a time restoring confidence in their product. Then again, they've been able to bounce back before... and it's not like they don't have the money to spend on marketing!

  2. Re:The problem isn't JUST Windows... by b374 · Score: 3, Interesting

    The problem is, the end users who will visit these types of sites

    not quite... there are some cases in which a compromised web site can serve as a 'launch pad' for malware. There are "some" cases like this and not "a lot" because the vast majority of attacks are done by script kiddies who have no fsking idea what and how they are doing it.

    I had one server compromised because of a web application vulnerability... and after I finished diagnosing, fixing, patching and checking I could only say: "Thank God it wasn't someone who knew what and how to ... [all my nightmares here]"

    especially in IE (the same users who will open e-mails for free Vioxx or Rolex watches)

    While I agree with what you say, I can't stop myself from asking: "How can you delete an email which might be full of malware without seeing it?" (I'm sure some might say it can be done... I even did it under OE by shift-selecting the previous and next message, deleting all of them, undeleting the others.) But the idea is that no potential malware should be executed automatically.

    Users shouldn't be made responsible for design flaws or implementation faults.