Hackers Jump On Newest IE7 Bug
CWmike writes "Attackers are already exploiting a bug in Internet Explorer 7 that Microsoft patched just last week, security researchers warned today. Although the attacks are currently in 'very, very small numbers,' they may be just the forerunner of a larger campaign, said Trend Micro's Jamz Yaneza. 'I see this as a proof-of-concept,' said Yaneza, who noted that the exploit's payload is extremely straightforward and explained that there has been no attempt to mask it by, say, planting a root kit on the victimized PC at the same time. 'I wouldn't be surprised to see this [exploit] show up in one of those Chinese exploit kits,' he added. The new attack code, which Trend Micro dubbed 'XML_Dloadr.a,' arrives in a spam message as a malicious file masquerading as a Microsoft Word document."
Re:Hopefully attacks like this won't be as prevole (Score:5, Insightful)
And then the exploits will occur with the browser that most people are using. Face it: there are bugs in every piece of software out there, and it's just a matter of time before someone finds and exploits them.
Re:Hopefully attacks like this won't be as prevole (Score:5, Insightful)
The new attack code, which Trend Micro dubbed "XML_Dloadr.a," arrives in a spam message as a malicious file masquerading as a Microsoft Word document. If the fake document is opened, the exploit hijacks PCs that have not been patched...
Running Chrome or Firefox won't stop idiots from opening strange attachments.
Re:Hopefully attacks like this won't be as prevole (Score:1, Insightful)
Exactly. This is precisely the reason that Apache has far more exploits published than IIS.
Re:Hopefully attacks like this won't be as prevole (Score:4, Insightful)
Not all that much really. Easy enough to run a spambot with user privs. Any of the data you want to steal is in ~. If you last long enough without detection, you can grab the user's password with an X keylogger and start doing extra naughty stuff with root.
Re:Hopefully attacks like this won't be as prevole (Score:3, Insightful)
Do any Linux distros come set up for this by default? How long until they do?
Re:Hopefully attacks like this won't be as prevole (Score:3, Insightful)
Pointing out there are possible fixes doesn't absolve it from blame.
No, it doesn't, and that is one of the major problems with FOSS: devs tend to avoid disturbing the ecosystem as much as possible, even when doing so is a good idea. If this were run in a traditional (read: closed-source) setting and IT heard that it would take the flip of a few bits to get rid of a major security vulnerability, how long would the bug live?
I know some idiot mod will mark this as a troll because it is critical of FOSS. Really people, let's at least pretend to be civilized, please.
Re:Hopefully attacks like this won't be as prevole (Score:2, Insightful)
Once all those Windows users start migrating to Linux because it's safer, do you think they'll suddenly be infused with large doses of simple common sense? apt-get install effin-common-sense-0.2.3 or something like that? =)
Re:Hopefully attacks like this won't be as prevole (Score:3, Insightful)
It's not that difficult. I can turn your shiny Linux box into a bot zombie by sending you a Perl script in a tarfile with the execute bit set and asking you to extract and run it.
Trojans are a serious concern, but still a small portion of the problem today. Most exploits, by number of infections, are via automated worms with no user interaction.
Don't underestimate the power of simple social engineering or the tendency of users to do dumb things. And don't overestimate the alleged technological superiority of your OS.
The interesting thing about non-Windows OSes is they adapt to threats. Right now trojans are not a problem for the average Linux user, but in a few high security environments they are a concern. Those environments use technologies like SELinux to mitigate the risks and make social engineering a lot harder indeed. If trojans are ever a threat to the average Linux user, these technologies will be ubiquitously employed, helping to defeat said threat. That's the thing about not being a monopolist. You have serious motivation to fix your users' problems, and if you don't, someone else will.
Neither you nor your data are the target.
This has never been completely true, but it is becoming less and less so. More malware is starting to collect passwords to online accounts, banking info, and credit card numbers.
Re:Whew! (Score:3, Insightful)
So is the guy's name in the article... Jamz, lol, what a goofy name, hehe.
Pfft. This from a guy named "Anonymous Coward".