Widespread Attacks Exploit Newly-Patched IE Bug
itwbennett writes "The first widespread attack to leverage the Internet Explorer flaw that Microsoft patched in an emergency update Thursday morning has surfaced. By midday Thursday Symantec had spotted hundreds of Web sites that hosted the attack code. The attack installs a Trojan horse program that is able to bypass some security products and then give hackers access to the system, said Joshua Talbot, a security intelligence manager with Symantec. Once it has infected a PC, the Trojan sends a notification e-mail to the attackers, using a US-based, free e-mail service that Symantec declined to name."
Relatedly, reader N!NJA was among several to point out that Microsoft has apparently been aware of this flaw since September.
Once Windows is compromised (by a sophisticated worm, not something that places advertisements in IE), there is very little a user can do that the worm cannot prevent or bypass.
The Windows settings assistant may nod and smile, and say the port is closed, while the worm is using it in the background. You might see that if you look at the router's logs, but inside Windows the worm can control what you see or do.
I just laugh. I haven't had to reformat the drive even once since I obscured IE.
If you use Windows without IE you are still very much at risk from the many other Windows holes. You will be cracked sooner or later and you may not even notice.
Thanks for showing me fixed vulnerabilities!
IE market share is below 40%
Anyone who uses w3schools's browser stats as a reference for general browser usage needs to get knocked on the head a few times. That is a perfect example of biased results due to the nature of the sample.
A better number is about 62%.
"What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
Security firm eEye used to keep a long list of Internet Explorer vulnerabilities that they had reported to Microsoft, but Microsoft hadn't developed patches for. eEye's list tracked how many months, or even years, Microsoft had known about the vulnerabilities without releasing a patch. A few years ago, under pressure from Microsoft, eEye agreed to take their list down. Microsoft happens to be a big customer of eEye's, and presumably is responsible for a lot of eEye's revenue. This has been fairly typical behavior for security firms that have signed lucrative contracts with Microsoft over the last few years, and one wonders how much of this type of thing is merely hush money.