Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trojan Exploits Unpatched IE Flaw

Posted by Zonk on from the unfriendly-haxxors dept.

onebuttonmouse writes "The Register reports on a trojan spotted in the wild that takes advantage of the so-far unpatched IE vulnerability mentioned on Slashdot earlier this week. From the article: 'The release of a Trojan that exploits an unpatched IE hole has prompted speculation that Microsoft may release an emergency out-of-cycle security patch. Delf-DH downloads other malware onto infected machines changing settings in order to monitor user activity and redirect surfers onto porn sites. The attack relies on a flaw in the way IE handles requests to the window() object.'"

20 of 177 comments (clear)

  1. Fix just came out. by suso · · Score: 5, Funny

    The fix for this is here

    1. Re:Fix just came out. by SatanicPuppy · · Score: 4, Funny

      ...and redirect surfers onto porn sites.

      Fix? It's not a bug, it's a feature. Maybe IE is improving!

      --
      ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    2. Re:Fix just came out. by MtViewGuy · · Score: 4, Insightful

      That would be great if you didn't have to update all your themes and extensions and/or wait for updated themes and extensions just to support Firefox 1.5. You'd think everyone would be more timely on this.

    3. Re:Fix just came out. by Crayon+Kid · · Score: 4, Informative

      Unfortunately, Firefox 1.5 is also affected by the bug. Granted, it only freezes up and has to be killed manually, so it's not as severe as remote code execution. Still...

      --
      i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
  2. Dupe... by NardofDoom · · Score: 5, Funny

    We heard about this same sort of thing hundreds of times. The editors really need to read the articles more carefully...

    --
    You have two hands and one brain, so always code twice as much as you think!
  3. This is great! by GauteL · · Score: 4, Funny

    "elf-DH downloads other malware onto infected machines changing settings in order to monitor user activity and redirect surfers onto porn sites."

    So it is basically automated pr0n! From now on, you won't have to use your left hand.

  4. Flaw? by CaymanIslandCarpedie · · Score: 5, Funny

    and redirect surfers onto porn sites

    Sounds more like a feature to me ;-)

    --
    "reality has a well-known liberal bias" - Steven Colbert
  5. what's the problem... ;) by Dtyst · · Score: 5, Funny

    Average joe search for p0rn
    He fins a site with virus that gets installed on his computer.
    Virus finds the pr0n for him....
    Both win!

  6. Re:disable active scripting ... by tehshen · · Score: 4, Informative

    Disable what? Enable what? IE should be secure, I shouldn't need to work around it.

    --
    Guy asked me for a quarter for a cup of coffee. So I bit him.
  7. Very Scary! by roman_mir · · Score: 4, Funny

    Apparently this wild trojan uses IE to direct a very specific type of attack against /., which results in dupe stories being posted!

    --
    You can't handle the truth.
  8. Re:disable active scripting ... by tehshen · · Score: 3, Insightful

    I was trying to say that Microsoft should never offer this as a patch - it's not a patch, it's just turning off functionality, akin to fixing a leaky pipe by disconnecting the water. (Though as a temporary fix, it works)

    --
    Guy asked me for a quarter for a cup of coffee. So I bit him.
  9. I hate this style of commenting. by Vo0k · · Score: 3, Funny

    "The Register reports on a [[register article|trojan spotted in the wild]] that takes advantage of the so-far unpatched IE [[|Slashdot story|vulnerability]] mentioned on Slashdot earlier this week."

    That should be done like this:

    "The Register [[register article|reports]] on a [[a page with the trojan|trojan spotted in the wild]] that takes advantage of the so-far unpatched IE [[How to exploit?|vulnerability]] [[Slashdot story|mentioned on Slashdot]] earlier this week."

    --
    Anagram("United States of America") == "Dine out, taste a Mac, fries"
  10. porn on linux by lithod02 · · Score: 3, Funny

    So, if I run IE under wine on linux I can get all the free pr0n delivered to my desktop. Nice. Click the big blue "E" for free e-pr0n

  11. Re:disable active scripting ... by digitaldc · · Score: 3, Funny

    Their reply would be: you really don't need the water anyway.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  12. This is the perfect example by this+great+guy · · Score: 4, Insightful

    ...of why we say that MS doesn't care enough about the security of its users. MS should be even more committed into improving the speed of development & QA of security patches. This particular zero-day vuln is known since at least one week, and MS still hasn't distributed a fix. Delaying the release of a fix to Patch Tuesday doesn't make any sense when the vuln details are already publicly known. They should at least release beta patches (if the QA process is not yet complete) for users who NEED security and can afford potential stability problems. Other users can wait for Patch Tuesday if they want.

    But one week is nothing compared to other vulns. Look at this list of other currently unpatched holes in MS products: http://www.eeye.com/html/research/upcoming/index.h tml. Some of them has been reported months ago and are still unfixed. This is inadmissible for a multi-billion dollars company.

  13. Re:Thank god... by timster · · Score: 4, Funny

    Oh gods... if it ain't broke, it ain't Mosaic.

    --
    I have seen the future, and it is inconvenient.
  14. In other news... by ZachPruckowski · · Score: 5, Funny

    The Sky is blue!

    Bears still crap in the woods!

    Amazingly, the Pope is Catholic!

  15. Lets keep it fair! by XMilkProject · · Score: 4, Interesting

    Before everyone gets too worked up bashing IE, as in the previous few articles on this exploit, let's remember that this problem was freezing/crashing FireFox 1.5 also.
    Although the security threat isn't existent in FireFox, the browser still fails on these pages.

    Now before I get flamed, let it be known that I think IE is a disaster and it's lack of standards compliance is one of the main things holding back proper advancment in web technologies, but we don't want to go and be unfair when our browser crashes too!

    --
    Big ones, small ones, some as big as yer 'ead!
    Give 'em a twist, a flick o' the wrist...
    1. Re:Lets keep it fair! by ZachPruckowski · · Score: 4, Interesting

      Although the security threat isn't existent in FireFox, the browser still fails on these pages.

      "$RANDOM_WEBSITE crashes a browser" isn't worth a news article. It's worth a bug report, and a fix, either to the site or to the browser, but it isn't worth a news story. Major crashes and computers being remotely controlled, however, is a big deal.

  16. Re:disable active scripting ... by m50d · · Score: 4, Insightful

    And yet when someone suggests a firefox extension as a fix for something, that's all well and good.

    --
    I am trolling