Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Exploits Unpatched IE Flaw

Posted by Zonk on from the unfriendly-haxxors dept.

onebuttonmouse writes "The Register reports on a trojan spotted in the wild that takes advantage of the so-far unpatched IE vulnerability mentioned on Slashdot earlier this week. From the article: 'The release of a Trojan that exploits an unpatched IE hole has prompted speculation that Microsoft may release an emergency out-of-cycle security patch. Delf-DH downloads other malware onto infected machines changing settings in order to monitor user activity and redirect surfers onto porn sites. The attack relies on a flaw in the way IE handles requests to the window() object.'"

3 of 177 comments (clear)

  1. Re:disable active scripting ... by tehshen · · Score: 4, Informative

    Disable what? Enable what? IE should be secure, I shouldn't need to work around it.

    --
    Guy asked me for a quarter for a cup of coffee. So I bit him.
  2. One Care Live by VisceralLogic · · Score: 2, Informative

    Maybe they're selling the fix through the new anti-virus software?

    --
    Stop! Dremel time!
  3. Re:Fix just came out. by Crayon+Kid · · Score: 4, Informative

    Unfortunately, Firefox 1.5 is also affected by the bug. Granted, it only freezes up and has to be killed manually, so it's not as severe as remote code execution. Still...

    --
    i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer