Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Malware Attack Exploits 0-Day Vulnerability In IE

Researchers from Symantec the security company warn that hackers are exploiting a fresh zero-day security flaw inside Internet Explorer via employing malicious software.

These experts, apparently, noted the problem when they found a brief spam run that tried to deceive Web-users and get them to click a web-link. Using the caption, "Re: Hotel Reservations," the spam mail pretended to talk regarding some hotel room. It also provided a web-link that took users onto an authentic, but compromised website.

Elaborated Threat Researcher Vikram Thakur at Symantec Security Response, the web-link connected with a site that carried a script checking the operating system and browser versions the user utilized. EWeek.com published this on November 3, 2010.

Thakur also explained that the particular web-page containing the exploit merely worked if the visitor browsed with IE 6 or 7. Consequently, the code moved the visitor only onto that page which harbored the exploit whilst he met the condition. And if the browser version or name was any different, the visitor merely landed on an empty site.

Furthermore, according to the researchers, when the web-page with the exploit was served to the visitors, they couldn't understand the anomaly. Rather they proceeded to take down as also execute malicious software on their PCs even when there was no interaction whatsoever. By exploiting the flaw, it was possible to execute remote code that the Web-surfer never noticed.

This way when the system was compromised, the malicious software automatically ran during the booting of the PC. Simultaneously, the "NetWare Workstation" service also ran, while the malware captured .gif files, which were encrypted, and gave instructions to the Trojan, said the security company, which identified the threat as "Backdoor.Pirpi."

Meanwhile Microsoft in a freshly issued security advisory provided the solutions and ways to mitigate the problem to enable IT admins and end-users defend themselves from the latest attack. Suggests the software company, users must use plain text to read the e-mails instead of HTML. And those using IE 7 can enable 'Data Execution Prevention' for extra defense, while IE 6 users should mark the Local Intranet and Internet security areas as 'High.'

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 12-11-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next