Hackers Jump On Newest IE7 Bug
CWmike writes "Attackers are already exploiting a bug in Internet Explorer 7 that Microsoft patched just last week, security researchers warned today. Although the attacks are currently in 'very, very small numbers,' they may be just the forerunner of a larger campaign, said Trend Micro's Jamz Yaneza. 'I see this as a proof-of-concept,' said Yaneza, who noted that the exploit's payload is extremely straightforward and explained that there has been no attempt to mask it by, say, planting a root kit on the victimized PC at the same time. 'I wouldn't be surprised to see this [exploit] show up in one of those Chinese exploit kits,' he added. The new attack code, which Trend Micro dubbed 'XML_Dloadr.a,' arrives in a spam message as a malicious file masquerading as a Microsoft Word document."
Re:the solution is .. (Score:1, Informative)
Re:Hopefully attacks like this won't be as prevole (Score:5, Informative)
When it was run, this attachment would helpfully and quietly forward itself to everyone in your address book. A couple of days later, after cleaning up the smoking wreckage of the E-mail system, system administration would send out an E-mail suggesting that it's not a good idea to run programs from unknown sources.
This was on IBM VM/CMS, a notably not-Microsoft OS.
Re:Exploit Wednesday (Score:3, Informative)
Microsoft could, of course, add large numbers of irrelevant changes to every patch, as a sort of chaff, and use the various other obfuscation tricks; but I strongly suspect that that would do nothing good for the timeliness or quality of their patches.
Viruses are old tech. (Score:2, Informative)
Viruses were made back in the single-user day. Linux and MacOS, even newer versions of Windows, don't need viruses to do their damage. Worms that hack into the system, run and install a separate process, then war-dial different IP addresses do the trick just as well. The reason people still make viruses for Windows is the fact that most people run with Administrator access and they are simple to program (and they think they are hot stuff if they do). Programming worms is still less glory but is more willing to affect a Linux-majority network infrastructure.
Just because Linux or MacOS or your favorite Unix doesn't have viruses, they can still get hacked into, especially if you poorly administer or neglect them. The fact that they can get hacked into allows for such worms to operate. Heck, a well neglected Unix box running a worm can also have an Auto Update feature to adjust for newly found security.
Being smug about security is the worst thing you can do.
minor pedantry (Score:3, Informative)
virii
If that's an attempt at Latin, it failed. In Latin, virus is in the fourth declension and its plural is virus (yep, just like the singular), and NOT viri or virii.
Of course, as an English word, the plural of virus is viruses.
Re:In other news-- FISH FOUND IN OCEAN (Score:3, Informative)
Re:In other news-- FISH FOUND IN OCEAN (Score:1, Informative)
Reminds me of the first virus I ever encountered, something Jericho; I knew I was in trouble when /format :c was no longer working. Oh, the days when a reformat and reinstall took 30 min, and all your documents were "safe" on floppies anyway.
Sector not found reading drive A: Abort, Retry or Fail?
Re:Hopefully attacks like this won't be as prevole (Score:3, Informative)
...and I won't run it, nor will any of my users....
Update my system .. ok I just go in the package manager ... no updates .. oh well
Social engineering works both ways. If you make sure you never, ever, send updates via email, then the users notice it's unexpected and ask first ... Too many Windows systems are updated by users clicking on links in/attachments to emails ... and far too many websites give download and run links for Windows systems so that the users expect it to work like that.
Linux does not make hijacking and exploits impossible, or even that difficult... but it does make it inherently less likely that the simple ones will succeed (don't run as admin, make it painful to run downloaded files, update via package manager not by running a program/script)
Re:minor pedantry (Score:3, Informative)
If that's an attempt at Latin, it failed. In Latin, virus is in the fourth declension and its plural is virus (yep, just like the singular), and NOT viri or virii.
You, too, fail at Latin: it's second declension [tufts.edu]. Didn't your Latin teacher ever tell you to look at the genitive to determine which declension it is?
Don't be misled by the fact that it's neuter: it's one of three 2nd-decl. -us nouns that are neuter (the others are pelagus and vulgus). Nouns of this type do not have plurals in Latin (see Allen & Greenough [textkit.com] p. 22).