Get PJ Media on your Apple

VodkaPundit

Reason Number 15,586 To Own A Mac

June 25th, 2004 - 7:40 am

From CNet News, a very nasty new twist for users of Windows:

Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection.

The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user’s computer.

[T]he flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies inhabiting the backwaters of the Web, but major companies, including some banks, said Brent Houlahan, chief technology officer of NetSec.

“There’s a pretty wide variety,” he said. “There are auction sites, price comparison sites and financial institutions.”

The group also pointed out that the malicious program uploaded to a victim’s computer is not currently detected as a virus by most antivirus software. With no patch from Microsoft, that leaves Internet Explorer users vulnerable. A representative of the software giant was not immediately available for comment on when a patch might be available.

Researchers believe that attackers seed the Web sites with malicious code by breaking into unsecured servers or by using a previously unknown vulnerability in Microsoft’s Web software, Internet Information Server (IIS). When a victim browses the site, the code redirects them to one of two sites, most often to another server in Russia. That server uses the pair of Microsoft Internet Explorer vulnerabilities to upload and execute a remote access Trojan horse, RAT, to the victim’s PC. The software records the victim’s keystrokes and opens a back door in the system’s security to allow the attacker to access the computer.

It wouldn’t surprise me a bit if this is one of the reasons why I had to completely reformat my wife’s Dell last night. After we got married and I hooked it into my broadband network, the piece of junk just exploded with adware and malware that had been sitting dormant, waiting for a fast connection. No combination of updates, blockers, cleaners, or virus software could save it; in less than 90 days, it was completely unusable.

I’m loading up Firefox for her tonight, and very strongly suggesting that she never launch IE again (even if she does have to think in Russian).

Click here to view the 27 legacy comments