Slashdot Mirror
New Trojan Threatens Windows XP SP 2
lightdarkness writes "Symantec is reporting about a new virus called Phel (Anagram of 'help') which is a Trojan which spreads via a HTML file. All the user needs to do is go to the page, and it takes advantage of the vulnerability in the IE Help control component files. This allows the attacker to download malicious programs on to the machine. Worst part is, this is one of the exploits that even effects SP2. Microsoft is said to be working to stop the spread, and to release a patch." The exploit is apparently not the same as the help file problems disclosed last week.
Oh... yeah... IE is great... no need to change it until longhorn...
so what exactly processes HTML in windows again? Some third party plugin? No... IE? ahhh... what a shame... and here I thought that there was no need to do anything to IE as it is so perfect...
---
Programming is like sex... Make one mistake and support it the rest of your life.
Well at least I know reading Slashdot will be sa...
Does that mean they're trying to copy IE from the victims?
Upload to...download from.
" Worst part is, this is one of the exploits that even effects SP2."
Oh, it causes SP2? That's absolutely terrible - it must be stopped!
...Microsoft will lose before it manages to put out a new and more secure version of IE (assuming that is even possible ;-)). I keep hearing from friends who work as IT managers that they are systematically blocking access to IE and installing Firefox on their corporate clients (although that doesn't really shut IE down). IE's getting a really bad rap even in those environments where Microsoft marketing used to have more influence than cold hard facts... and if they don't do something decisive about it rather than releasing ad-hoc patches they're going to have a hell of a time restoring confidence in their product. Then again, they've been able to boounce back before... and it's not like they don't have the money to spend on marketing!
The day Microsoft makes a product that doesn't suck is the day they make a vacuum cleaner.
Relying on Windows for security is like fighting for peace, or screwing for virginity. 'Nuff said.
- The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
Sorry, couldn't resist the anagram. Here's the source code for the phel trojan. This trojan is written in a very high level language. By a strange temporal accident involving a singularity, an anagram, and MS's open-door policy, the source code closely resembles a certain song lyric that goes by the same name.
;-)
The lyrics are kinda fitting, don't you think?
[snip]
When I was younger, so much younger than today,
I never needed anybody's help in any way.
But now these days are gone, I'm not so self assured,
Now I find I've changed my mind and opened up the doors.
Help me if you can, I'm feeling down
And I do appreciate you being round.
Help me, get my feet back on the ground,
Won't you please, please help me.
And now my life has changed in oh so many ways,
My independence seems to vanish in the haze.
But every now and then I feel so insecure,
I know that I just need you like I've never done before.
Help me if you can, I'm feeling down
And I do appreciate you being round.
Help me, get my feet back on the ground,
Won't you please, please help me.
[/snip]
- Help by The Beatles
Who says trojans are bad?
You can pull one over your case and stop the spread of windows and aol. Shipping a trojan condom with AOL cds could also help stop the reproduction of aol users. Way to go Trojan! You set a good example for the rest of us. Windows XP std2 is a threat to us all, and with your help, we may just annihilate it yet! Of course, then you are still at risk for penguin gout, and gnu herpes.... but that's a post for a different story(most likely the double posting of this).
if this is what they meant with "extensible platform": http://slashdot.org/article.pl?sid=04/12/30/185323 2&tid=113
Quite frankly, I can't understand why people get "impressed", I mean, let's look at history for a while... it isn't something new -- for the past probably, let's say 7 years Microsoft has been making the same mistakes over and over. It's nothing new that every vulnerability that is found affect their "benevolents" Service Packs, happened with Service Pack 1 and now 2 in Windows XP, happened with all the Service Packs on NT, and then Windows 2000... seriously. All I have to say is, Microsoft is like a teenage girl -- you never know what you're gonna get --JR.
WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR!
nope, Firefox is not at threat to Internet Explorer .. Internet Explorer is a threat to Internet Explorer!
I believe in Windows XP theres a Help and Support service that you can disable, although that may be Compaq-specific. I've never tried killing it.
The problem is, the end users who will visit these types of sites, especially in IE (the same users who will open e-mails for free Vioxx or Rolex watches)
Microsoft is working to forensically analyze the malicious code in Phel and will work with law enforcement agencies to identify and bring to justice those responsible for the malicious activity, he said.
They always want to catch the bad guys but Microsoft itself is never held responsible fot the damages their crippled software causes.
As a software developer myself, I know it's almost impossible to make a big software product 100% bug free but come on... Microsoft's software is becoming ridiculous!
Man , Wizard ! How many time do I have to tell you ? Windows XP CD is an OS its not a doughnut , stop eating it with your coffee and milk in the morning , shisssh ;-)
I am a REAL American from Canada , not a wanna-be from the country , self called "last remaining superpower" "of America
Trojans in IE counts as news still? Its like someone throws us a surprise party every three months and we feel obliged to keep acting surprised.
"A man is but the product of his thoughts what he thinks, he becomes." -Mahatma Gandhi
There would be a fix by now if it where an OSS , Gnu/Linux project.
I am a REAL American from Canada , not a wanna-be from the country , self called "last remaining superpower" "of America
Good for you! But with all these vulnerabilities and resulting spyware bogging down your Windows install, the shit creeping in before you manage to download & install the latest patches, I am really impressed you actually get any work done (and managed to make this Slashdot post).
I don't consider yet another worm 0wning my box and handing it over to a spammer, a little thing. But okay, YMMV.
XPLite to remove the darn thing !
>> Techflock-flock onto the best bits of technology
To tell you the truth, the help system in XP seems to be much better than in past versions. I have actually used it a few times to learn about command syntax or to find obscure configuration tabs.
Customers in the U.S. who believe they have been attacked should contact their local FBI office or post their complaint online at www.ifccfbi.gov
Non MS users should contact the FBI and tell them we don't want our tax dollars to go to phel. Let Microsoft deal with it.
That's good, blame the victim. Just what sites are those? Where's the big list of sites you shouldn't visit? We might know where to avoid, but how is Joe User going to know?
Typical MSFT response. Instead of fixing their busted ass software they blame the victim. How's the weather in Redmond today?
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
This is a good example of why "IE only looks bad because it has the most market share" is at best dubious, and why IE is going to continue to struggle with problems that don't affect other browsers.
In particular, here we have problems in a scriptable ActiveX control for presenting Windows Help files. It's nice to have that available for Windows integration, and maybe for intranet Web applications (though regular Web pages are fine for the vast majority of online help), but people don't need it for regular Web surfing. There have been tons of flaws in these preloaded ActiveX controls, but Microsoft seems unwilling to change its policy to reduce this attack surface.
For those interested, check out this source code. Virus and Trojan problems seem to just gravitate toward Microsoft products. So, Microsoft is the problem.
Click here or here.
1) the list of FORMER competitors of MS is a long one..anyone remember DR-DOS, which always got better reviews in the trade journals ? Lets add borland, lotus, star office, etc etc. A rationale person has some humility and or fear when confronted with a proven champion, regardless of the methods the champion uses.
/. readers can supply many other examples of companies that died when there single flagship product was late or buggy; only MS can live to fight another day, with its cash flow and monomply posistions.
/. and firefox cause they are playing the wrong game. I don't think he cares a flying f*ck about technical superiority, or bloat or stuff like that; he cares about market share. For all we know, he may be happy that the 10% of the market consisting of geeks is distracted by linux and firefox - it never makes economic sense for a biz to care about more then 80% of the market.
2) Unlike other companies, MS can survive a disaster - (either DOS 4 or 5) was a dog that would have killed any other company; MS survived to fight another day (eg, borland died when they were late with one product). I'm sure
3) IMHO, MS has developed an unusual corp ability - the ability to throw money at a problem and solve it. IF gates and ballmer were really interested, they could release a new IE next year.
4) Gates is laughing at
5) there is something kinda pathetic and geekish and teenagerish in this constant gloating about bugs in MS products. Maybe worm writers don't write for *nix because that is not where the market is - if you r interested in making money, an not tech bragging writes, why wd u care about the geeks using linux. no money and hard to cheat - just not a soft target (the same principal by which "insurgents" choose unarmored Iraqis over armored mobile americans.
Untill there is some reasonably similar user base, any comparision of worms or bugs or whatever you want to call them, between nix and ms, is meanignleess. Its sort of like comparing gas mileage between GM and solectra. Just not a comparison that has meaning in the real world of sales and market share.
6) Since the game gates is playing is market share and sales and PROFITS, maybe he is not that interested in the OS or the browser - maybe they think OSs and Browsers will become commodity objects, and the money is in apps.
think about ibm selling its pc division - companies exist to make money, not technically superior produdts. Sometimes you can win on technical superiority; sometimes not
/begin{Sarcasm}
You know, when I found out that Microsoft would no longer develop IE for Macs, I was so sad.
\end{Sarcasm}
Having done so much with so little for so long, I now can do anything with nothing at all.
I would like to take this moment to accept the apologies of all the assholes who said things like, "windows is secure, just upgrade to sp2." I'm sure that all of you feel much better after saying that you are sorry and admitting that you were wrong.
The Farewell Tour II
Won't this also occur in email with Outlook and Outlook Express? They use the same control that IE does to process the html.
This could make for a much worse case than having to visit a web site. Just have the preview pane open with these apps and get a spam than contains the exploit.
This is what is known as a "negative external" in economic lingo.
Basicaly, Microsoft does not care about the costs of security because it does not effect it's bottom line. The costs are "external" to MS.
So, why does the government (meaning we, the people...) allow MS to cost industry, government and citizens billions of dollars without sanction? If this was Exxon spilling oil all over baby seals they would have to pay (a fraction) of the clean up costs and get all sorts of bad PR. With MS it's just Busines as Usuall.
Kind Regards
"A few great minds are enough to endow humanity with monstrous power, but a few great hearts are not enough to make us w
Security has to be part of the initial design, you can't retrofit it.) .
A motorcycle will always be inherently less save than a volvo, no matter what else you do to it. (sure, a safe rider can be safer than an idiot in a volvo).
The design decisions that went into IE make it impossible to secure, no difficult, not expensive, but IMPOSSIBLE.
ActiveX is the most obvious example where functionality/usability/ease-of-use totally overrode security in the design. You can't fix that, just like you can't make a motorcycle safe by adding seatbelts (more here: http://sans.org/rr/whitepapers/awareness/1509.php
Saying it's the users fault is like giving someone a book of matches in a dynamite factory and saying "it's your fault for lighting the match".
IE is a wonderful inTRAnet explorer, filling out timesheets in a low-risk network. Using it on the inTERnet is like entering a demolition derby on a motorbike.