On July 6, Microsoft Corp. warned about a serious computer hole related to its Internet Explorer browser. It can allow hackers to remotely take control of victims’ machines. The victims don’t need to do anything to get infected except visit websites infected with a tiny bit of code that taps into the security hole.
If successful, a hacker could execute code remotely and take control of a system. So far the exploit seems to be spreading via drive-by downloads on compromised and malicious sites. Internet Explorer versions 6 and 7 are at risk, but people running IE 8 are not vulnerable, Symantec said.
Microsoft urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft’s Web site, while the company works on a “patch” — or software fix — for the problem.
Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.
The so-called “zero day” vulnerability disclosed by Microsoft affects a part of its software used to play video. The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.
Once the attacker gains access to a PC, the machine most often is used in a network of other compromised PCs, called bots, to spread spam and steal data. Bots are also widely used to spread promotions for fake anti-spyware subscriptions and to hijack cash from online banking accounts.
Link to Microsoft Zero Day fix
Link To news.CNET Video Active X article
From Mike Reavey at the Microsoft Security Response Center: “We were far enough along in our process that we felt comfortable taking this information from our investigation and giving it to customers so they could take immediate action to protect themselves while we finish our security update. To make it even easier for customers to protect themselves, we also implemented the “FixIt” that automatically implements the killbits.
Customers who have already implemented the killbits manually or through the FixIt workaround won’t need to implement next week’s security update, though we recommend that you apply the update to ensure that reporting accurately shows that the systems are fully protected.
We’re on track to release the security update next Tuesday (7/14). But if you haven’t implemented the killbits already, we recommend that you go ahead and do that to protect yourself against the attacks”.
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.