Attack Pierces Fully Patched XP Machines (http://news.yahoo.com/news?tmpl=story&u=/zd/20040819/tc_zd/133763)

Thu Aug 19, 1:42 PM ET


Dennis Fisher - eWEEK

Security researchers have identified a new version of the Download.Ject attack that is now being used on the Internet and can compromise fully patched Windows XP (news - web sites) machines.


The new version of the attack just appeared Thursday afternoon, and while details are still sketchy, experts say its main purpose is to install a back door on compromised PCs. Users victimized by the attack receive an e-mail or an instant message containing a link directing them to a malicious Web page.

The page is being hosted by a number of different sites, all of which share common "whois" information and appear to be deliberately serving the page, according to Thor Larholm, senior security researcher at PivX Solutions LLC, based in Newport Beach, Calif. The Trojan also will change the start page of the infected PC.

Click here to read about a pop-up program that swipes banking passwords. (http://us.rd.yahoo.com/dailynews/zd/tc_zd/storytext/SIG=12e8oteci/*http://www.eweek.com/article2/0,1759,1618453,00.asp?kc=EWYH104039TX1B0000665)

Once a user clicks on the link, the Web server attempts to download the back door. Larholm said a PC running a fully patched copy of Windows XP and Internet Explorer 6 will be compromised by the new version of Download.Ject, as will machines running older version of Windows and IE.

<hr>

Use something other than IE, Opera or Mozilla.

As I have been railing for months. DO NOT USE INTERNET EXPLORER, PERIOD!!! IE itself is nothing more than a gateway for most every hole in Windows, whether 9x, ME or XP. It barely even qualifies as a browser anymore, as it's HTML etc., requirements are so non-standard that it is getting harder and harder to write a cross-browser compatible web site anymore (believe me, I know). I am getting to the point that the sites I do for myself and clients are not going to follow the lead-you-by-the-nose idiosyncracies of IE anymore.

I urge everyone here to get Mozilla Firefox (http://www.mozilla.org/products/firefox/). It is far less susceptible to these types of worms, trojans and hacks. It also far more compact, follows W3C standards properly and is generally speedier than IE as well. Opera is also a good browser, although it still has not reached full maturity and is a little more open to vulnerabilities than Firefox. Plus it is not a totally free browser. Although, it is 100 times safer and better then IE.

The use of IE has become the equivalent of the morons who open every email attachment they get and help spread every god-damn worm, trojan and virus around the 'Net, thereby slowing the whole infrastrcture down by bogging down mail and other servers with a ton of useless and sometimes dangerous junk.

IE is like Mohammed Moore. It needs to be taken out.

I Use IE but I do not, and will not do online banking transactions on this machine, i am old fashioned, I'll use phone to check balance or my bank itself otherwise NO way hosay on any online financial transactions.

An ya wonder why I am so nervy when it comes to anything online when it comes to buying online stuff?

or even filling out a fafsa form or any such thing?

I know better.

I just avoid doin it online.

as for emails... if it dont come from a sender that i know of i toss it, i wont even open it, i toss it asap.

thanks for the heads up.

I use Opera 7.54 (latest version). I tried Mozilla, but didn't feel warm'n'fuzzy about it. It's still on the box, and I may give it another try at some point.

[ QUOTE ]
The use of IE has become the equivalent of the morons who open every email attachment they get and help spread every god-damn worm, trojan and virus around the 'Net, thereby slowing the whole infrastrcture down by bogging down mail and other servers with a ton of useless and sometimes dangerous junk.

[/ QUOTE ]
I've been harping for a long time about the fact that it's too damned easy to use computers. It's appalling to think of how many boxes out there are totally open to attack because the users are clueless about security.

One thing every user of Outlook or OE should do it turn off the damned Preview panel that automatically opens an email as soon as it's selected. For Outlook Express (I'm not certain about Outlook):

View > Layout > uncheck "Show preview pane"

It's a simple but effective precaution given the number of emails that load stuff from a website as soon as they're opened.

I took all the 'preview panes' out of my Outlook, as I have Microsoft Outlook.

Took the precautions to remove any preview pane on the incoming mail and junk mail, took most out except those i wanted to stay and thats for mail I definitely know is safe after checkin em out.

Can you delete IE out of your computer without messing up every other program in your Programs File???

If so, please let me know. I use Mozilla Firefox now.

Love, heather

It depends on the type of Windows install that you have on your system. The easiest way to check is to go to Control Panel/Add-Remove Programs and see if IE is listed there. (IE itself, not a patch which will be called something like 'Internet Explorer Qxxxxxxxxx").

in any case, just go ahead and keep using Mozilla and keep your box patched, keep your anti-virus updated and run Spy Sweeper. While AdAware and SpyBot are good, the fact that they are free shows that you get what you pay for compared to Spy Sweeper. It is definitely the way go to for now for spyware removal. It is not free, but it is worth the money. Well, it IS free and the first update is free. After that, you need tp pay $29.95 so can keep updating it. I recommend it though.

Switch to Thunderbird from Mozilla.

Acutally, Firefox is the latest and most stable version of the Mozilla browser.

You can DL Firefox 0.9.2 here (http://www.mozilla.org/products/firefox/).

When i get my new box up I'll prolly bother with these other versions.