Serious IE loophole - PlanetSide Universe
PSU Social Facebook Twitter Twitter YouTube Steam TwitchTV
PlanetSide Universe
PSU: Crunchy on the outside. Poison on the inside!
Home Forum Chat Wiki Social AGN PS2 Stats
Notices
Go Back   PlanetSide Universe > General Forums > The Lounge

Reply
 
Thread Tools Search this Thread Display Modes
Old 2004-06-25, 06:36 PM   [Ignore Me] #1
Hezzy
Contributor
General
 
Hezzy's Avatar
 
Serious IE loophole


http://news.bbc.co.uk/2/hi/technology/3840101.stm

Users are being told to avoid using Internet Explorer until Microsoft patches a serious security hole in it.
The loophole is being exploited to open a backdoor on a PC that could let criminals take control of a machine.

The threat of infection is so high because the code created to exploit the loophole has somehow been placed on many popular websites.

Experts say the list of compromised sites involves banks, auction and price comparison firms and is growing fast.

Serious problem

The net watchdog, the US Computer Emergency Reponse Center, and the net security monitor, the Internet Storm Center, have both issued warnings about the combined threat of compromised websites and browser loophole.

Cert said: "Users should be aware that any website, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code."

In its round-up of the threat the Internet Storm Center bluntly stated that users should if possible "use a browser other then MS Internet Explorer until the current vulnerabilities in MSIE are patched."

CHECKING FOR INFECTION
Click the Start button and then click on Search
Make sure you choose the option to look through all files and folders
Search for files called Kk32.dll and Surf.dat
If infected use up to date anti-virus software to remove the malicious code
So far it is unclear how the malicious code that exploits the weakness in Microsoft's Internet Explorer has been inserted on popular websites.

What is known that any Windows 2000 Server that does not have the MS04-011 security update installed and is running Internet Information Server could be at risk.

The virulent Sasser worm exploited loopholes closed by this update so many servers are likely to be patched against the problem.

Infected servers are adding a malicious chunk of Javascript to all the web, gif and jpg files served up to anyone browsing the sites they host.

When loading on a browsing PC, this chunk of code might trigger a Windows error message.

Once downloaded the code redirects a browser to a Russian website which tries to install a program that opens a backdoor into the PC.

Some net service firms have started blocking access to this Russian site.

Check for infection

Anti-virus firms are now working on putting detectors for the chunk of code in to their scanning software.


A Russian website is spreading the malicious code
Security firm Symantec said the malicious code was not widespread and did little damage.

The reason that the server/browser combination has been created remains a mystery.

Some speculate that it is the work of spammers looking to create yet another network of compliant PCs that can be used as proxies to spread junk mail.

Microsoft has issued advice to consumers and web administrators about dealing with the problem.

Administrators are urged to apply the update that will make them immune to infection.

Home users are being told to update their browser and avoid the threat by turning off Javascript. However, this could mean that some webpages do not display as expected.

Microsoft has also given advice about how people can check if they are infected.

So far the server/browser combination has not been given a single name. In its warning about the problem Microsoft calls it download.ject but others, such as F-Secure, are calling it Scob.
Hezzy is offline  
Reply With Quote
Old 2004-06-25, 06:38 PM   [Ignore Me] #2
AztecWarrior
Lightbulb Collector
 
AztecWarrior's Avatar
 


We're getting it over here as well. A line from Yahoo! News, front page, 'PC Users Warned of Infected Web Sites':

CERT recommends that Internet Explorer users consider different browsers such as Mozilla Firefox, Netscape Communicator or Opera. For people who continue to use Internet Explorer, CERT and Microsoft recommend setting the browser's security setting to "high".

What was that? Netscape sucks? What?
__________________
The gun katas. Through analysis of thousands of recorded gunfights, the Cleric has determined that the geometric distribution of antagonists in any gun battle is a statistically predictable element. The gun kata treats the gun as a total weapon, each fluid position representing a maximum kill zone, inflicting maximum damage on the maximum number of opponents while keeping the defender clear of the statistically traditional trajectories of return fire. By the rote mastery of this art, your firing efficiency will rise by no less than 120%. The difference of a 63% increase to lethal proficiency makes the master of the gun katas an adversary not to be taken lightly.
AztecWarrior is offline  
Reply With Quote
Old 2004-06-25, 06:40 PM   [Ignore Me] #3
Rayder
General
 
Rayder's Avatar
 
Misc Info


Interesting. Yes Aztec, Netscape sucks.
Rayder is offline  
Reply With Quote
Old 2004-06-25, 06:41 PM   [Ignore Me] #4
Hezzy
Contributor
General
 
Hezzy's Avatar
 


That's aztec.

pizzowned by ninja-edit
Hezzy is offline  
Reply With Quote
Old 2004-06-25, 06:41 PM   [Ignore Me] #5
martyr
Contributor
Brigadier General
 
martyr's Avatar
 
Misc Info


i'm surfing with firefox.
__________________
-martyr
martyr is offline  
Reply With Quote
Old 2004-06-25, 07:26 PM   [Ignore Me] #6
Corrosion
Registered User
 
Corrosion's Avatar
 
Misc Info


Originally Posted by martyr
i'm surfing with firefox.
Ditto.

gg IE.
Corrosion is offline  
Reply With Quote
Old 2004-06-25, 06:42 PM   [Ignore Me] #7
Jaged
Contributor
Lieutenant General
 
Jaged's Avatar
 


Why does ms have to release such shitty software?
__________________
Jaged is offline  
Reply With Quote
Old 2004-06-25, 07:35 PM   [Ignore Me] #8
Hamma
PSU Admin
 
Hamma's Avatar
 


Originally Posted by Jaged
Why does ms have to release such shitty software?
Dont forget the fact that its the most used software, FireFox or any of the others would end up with holes if they were used as much..

People dont worry about viruses for browsers that arent used, its kinda like making a virus for a mac.
__________________

PlanetSide Universe - Administrator / Site Owner - Contact @ PSU
Hamma Time - Evil Ranting Admin - DragonWolves - Commanding Officer
Hamma is offline  
Reply With Quote
Old 2004-06-26, 06:35 PM   [Ignore Me] #9
TekDragon
Member
Contributor
 
TekDragon's Avatar
 


Originally Posted by Hamma
Dont forget the fact that its the most used software, FireFox or any of the others would end up with holes if they were used as much..

People dont worry about viruses for browsers that arent used, its kinda like making a virus for a mac.
Exactly. If people had any idea just how many losers have dedicated their life to hacking Windows and IE, they would praise the lord at just how secure they are.

Instead people want to bitch and moan so they look cool "dissing the man".
TekDragon is offline  
Reply With Quote
Old 2004-06-25, 06:44 PM   [Ignore Me] #10
Hezzy
Contributor
General
 
Hezzy's Avatar
 


It's MS...

Microsoft is about as impregnable as a whore with a half meter wide minge.
Hezzy is offline  
Reply With Quote
Old 2004-06-25, 06:47 PM   [Ignore Me] #11
Rayder
General
 
Rayder's Avatar
 
Misc Info


Way to edit a snazzy insult Hezzy....
Rayder is offline  
Reply With Quote
Old 2004-06-25, 06:53 PM   [Ignore Me] #12
Jaged
Contributor
Lieutenant General
 
Jaged's Avatar
 


What was the insult before he edited it?
__________________
Jaged is offline  
Reply With Quote
Old 2004-06-25, 06:59 PM   [Ignore Me] #13
Hezzy
Contributor
General
 
Hezzy's Avatar
 


There was no insult. It was an afterthought.

EDIT: Like women. ( )
Hezzy is offline  
Reply With Quote
Old 2004-06-25, 07:00 PM   [Ignore Me] #14
Jaged
Contributor
Lieutenant General
 
Jaged's Avatar
 


Ok... then what was the afterthought?
__________________
Jaged is offline  
Reply With Quote
Old 2004-06-25, 07:04 PM   [Ignore Me] #15
Infernus
Lieutenant General
 
Infernus's Avatar
 


Heh I use opera, like it mutch...
__________________
Infernus is offline  
Reply With Quote
Reply
  PlanetSide Universe > General Forums > The Lounge

Bookmarks

Discord


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 04:24 PM.

Content © 2002-2013, PlanetSide-Universe.com, All rights reserved.
PlanetSide and the SOE logo are registered trademarks of Sony Online Entertainment Inc. © 2004 Sony Online Entertainment Inc. All rights reserved.
All other trademarks or tradenames are properties of their respective owners.
Powered by vBulletin
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.