Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Trojan Threatens Windows XP SP 2

Posted by michael on from the unplug-your-computer-for-protection dept.

lightdarkness writes "Symantec is reporting about a new virus called Phel (Anagram of 'help') which is a Trojan which spreads via a HTML file. All the user needs to do is go to the page, and it takes advantage of the vulnerability in the IE Help control component files. This allows the attacker to download malicious programs on to the machine. Worst part is, this is one of the exploits that even effects SP2. Microsoft is said to be working to stop the spread, and to release a patch." The exploit is apparently not the same as the help file problems disclosed last week.

12 of 241 comments (clear)

  1. affect/effect! by o0zi · · Score: 5, Funny

    " Worst part is, this is one of the exploits that even effects SP2."

    Oh, it causes SP2? That's absolutely terrible - it must be stopped!

  2. I wonder how much market share... by lordfener · · Score: 5, Interesting

    ...Microsoft will lose before it manages to put out a new and more secure version of IE (assuming that is even possible ;-)). I keep hearing from friends who work as IT managers that they are systematically blocking access to IE and installing Firefox on their corporate clients (although that doesn't really shut IE down). IE's getting a really bad rap even in those environments where Microsoft marketing used to have more influence than cold hard facts... and if they don't do something decisive about it rather than releasing ad-hoc patches they're going to have a hell of a time restoring confidence in their product. Then again, they've been able to boounce back before... and it's not like they don't have the money to spend on marketing!

  3. Adequate bash.org quote by b374 · · Score: 5, Funny

    The day Microsoft makes a product that doesn't suck is the day they make a vacuum cleaner.

  4. Re:Microsoft happy with IE? by too_poland · · Score: 5, Funny

    Injecting Exploit 6.0 =]

  5. [OT] Source code for phel ;-) by asliarun · · Score: 5, Funny

    Sorry, couldn't resist the anagram. Here's the source code for the phel trojan. This trojan is written in a very high level language. By a strange temporal accident involving a singularity, an anagram, and MS's open-door policy, the source code closely resembles a certain song lyric that goes by the same name.

    The lyrics are kinda fitting, don't you think? ;-)

    [snip]
    When I was younger, so much younger than today,
    I never needed anybody's help in any way.
    But now these days are gone, I'm not so self assured,
    Now I find I've changed my mind and opened up the doors.

    Help me if you can, I'm feeling down
    And I do appreciate you being round.
    Help me, get my feet back on the ground,
    Won't you please, please help me.

    And now my life has changed in oh so many ways,
    My independence seems to vanish in the haze.
    But every now and then I feel so insecure,
    I know that I just need you like I've never done before.

    Help me if you can, I'm feeling down
    And I do appreciate you being round.
    Help me, get my feet back on the ground,
    Won't you please, please help me.
    [/snip]

    - Help by The Beatles

  6. I wonder ... by basvdlei · · Score: 5, Funny

    if this is what they meant with "extensible platform": http://slashdot.org/article.pl?sid=04/12/30/185323 2&tid=113

  7. Re:Microsoft happy with IE? by Moulinneuf · · Score: 5, Funny

    Please ! dont insult the Swiss Cheese by associating it with IE , the Swiss Cheese as less hole and far more valuable content and as an excellent quality control , unless you dont read the date marked "best before" before eating it. ;-)

    --
    I am a REAL American from Canada , not a wanna-be from the country , self called "last remaining superpower" "of America
  8. Re:Yep. Firefox is not a threat. by klang · · Score: 5, Insightful

    nope, Firefox is not at threat to Internet Explorer .. Internet Explorer is a threat to Internet Explorer!

  9. What? by Albinofrenchy · · Score: 5, Funny

    Trojans in IE counts as news still? Its like someone throws us a surprise party every three months and we feel obliged to keep acting surprised.

    --
    "A man is but the product of his thoughts what he thinks, he becomes." -Mahatma Gandhi
  10. The MSFT Party Line by HangingChad · · Score: 5, Insightful
    The problem is, the end users who will visit these types of sites...

    That's good, blame the victim. Just what sites are those? Where's the big list of sites you shouldn't visit? We might know where to avoid, but how is Joe User going to know?

    Typical MSFT response. Instead of fixing their busted ass software they blame the victim. How's the weather in Redmond today?

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  11. Re:Microsoft happy with IE? by naelurec · · Score: 5, Funny

    unless you dont read the date marked "best before" before eating it. ;-)

    Microsoft should have the same thing for Windows...

    • Best before plugging into a network..
    • Best before being turned on..
    • Best left in the box..

    In all honesty, when Windows is isolated (or on an isolated network) and locked down (ie users don't have any way to install new software, etc..).. its not too bad.. Unfortunately, everyone wants to plug it into that dang Internet.. hheh..

  12. just remember by cinnamon+colbert · · Score: 5, Insightful

    1) the list of FORMER competitors of MS is a long one..anyone remember DR-DOS, which always got better reviews in the trade journals ? Lets add borland, lotus, star office, etc etc. A rationale person has some humility and or fear when confronted with a proven champion, regardless of the methods the champion uses.

    2) Unlike other companies, MS can survive a disaster - (either DOS 4 or 5) was a dog that would have killed any other company; MS survived to fight another day (eg, borland died when they were late with one product). I'm sure /. readers can supply many other examples of companies that died when there single flagship product was late or buggy; only MS can live to fight another day, with its cash flow and monomply posistions.

    3) IMHO, MS has developed an unusual corp ability - the ability to throw money at a problem and solve it. IF gates and ballmer were really interested, they could release a new IE next year.

    4) Gates is laughing at /. and firefox cause they are playing the wrong game. I don't think he cares a flying f*ck about technical superiority, or bloat or stuff like that; he cares about market share. For all we know, he may be happy that the 10% of the market consisting of geeks is distracted by linux and firefox - it never makes economic sense for a biz to care about more then 80% of the market.

    5) there is something kinda pathetic and geekish and teenagerish in this constant gloating about bugs in MS products. Maybe worm writers don't write for *nix because that is not where the market is - if you r interested in making money, an not tech bragging writes, why wd u care about the geeks using linux. no money and hard to cheat - just not a soft target (the same principal by which "insurgents" choose unarmored Iraqis over armored mobile americans.
    Untill there is some reasonably similar user base, any comparision of worms or bugs or whatever you want to call them, between nix and ms, is meanignleess. Its sort of like comparing gas mileage between GM and solectra. Just not a comparison that has meaning in the real world of sales and market share.

    6) Since the game gates is playing is market share and sales and PROFITS, maybe he is not that interested in the OS or the browser - maybe they think OSs and Browsers will become commodity objects, and the money is in apps.
    think about ibm selling its pc division - companies exist to make money, not technically superior produdts. Sometimes you can win on technical superiority; sometimes not