Microsoft Releases Internet Explorer Fixes - InformationWeek
Software // Enterprise Applications
12:42 PM

Microsoft Releases Internet Explorer Fixes

The "configuration change" closes a loophole that had allowed hackers to convert popular Web sites into virus transmitters.

Microsoft on Friday released a "configuration change" designed to protect Internet Explorer users from what's known as the "Download.Ject" or "Scob" attack.

The security stopgap aims to thwart a two-pronged attack that surfaced on June 24. The first portion of the attack targeted Windows 2000 Servers running Internet Information Services 5.0 that hadn't been patched with the Microsoft Security Bulletin MS04-011 released in April. The attackers planted on those servers malicious code that's designed to infect the PCs of Web surfers who visited those sites.

Web surfers who visited infected Web sites then were attacked through several vulnerabilities within Internet Explorer. At that time there was no fix or patch available for one of the flaws, commonly known as ADODB, for which Microsoft issued the fix Friday.

The attackers used that vulnerability to insert Web-site objects that had malicious JavaScript code attached to them. The JavaScript then, in the background, contacted another Web site that inserted malicious software on the Web surfer's system.

Security experts were unclear about the motive behind the attack. Some said it was traced to a Russian Web IP address of known spammers; others said it was designed to steal consumers' financial information.

The Russian IP address that infected Web surfers' systems was quickly shut down, Microsoft said. However, security experts were quick to warn that the same attackers, or copycats, could quickly try the same attack ploy or some variation.

Microsoft also released a fix, or configuration change, for Windows XP, Windows Server 2003, and Windows 2000 operating systems that protects against the unpatched ADODB vulnerability. The configuration change is available on Microsoft's Download Center and will soon be available through Windows Update. Microsoft also promises to release a series of security updates for Internet Explorer.

These fixes are urgent. Days after the June 24 attack, the SANS Institute Internet Storm Center reported an attack aimed at pop-up ads surfaced on the Internet, also designed to infect Web surfers using Internet Explorer. The pop-up ads inserted on users' systems spyware designed to capture logon information for dozens of financial organizations worldwide, says Marcus Sachs, director of the SANS Internet Storm Center.

The targeted financial institutions include Citibank, Barclays, and Deutsche Bank.

The spyware code was designed to capture user logon information as it was typed but before the user name and pass codes were encrypted to be transmitted across the Internet, Sachs says.

Sachs says in this attack, the user information was sent to a Web site in San Diego that was quickly shut down Wednesday after SANS contacted the FBI about the attack.

To make matters worse for users of virtually every Web browser, Danish security firm Secunia on Friday issued a security alert it dubbed "moderately critical" that affects virtually every Web browser.

According to Secunia's advisory, the browser vulnerability makes it possible for a remote attacker to conduct a spoofing attack on Web surfers. This type of attack makes it possible to insert potentially malicious content within a browser window opened by a trusted site. The flaw affects Internet Explorer 5.x for the Mac, Konqueror 2.x, Netscape 6.x and 7.x, Safari 1.x, as well as multiple versions of Mozilla and Opera. Secunia's advisory is available here.

Microsoft has published information designed to help users protect themselves while surfing the Internet: The configuration change is, or will soon be, available here.

More information about the Scob attack is available here. And general information about computer security and safety from Microsoft is available here.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll