[ insider_reports_insider ]
New Drive-By Exploit Threatens IE
David Utter
Staff Writer
2007-03-29
 Insider Reports RSS Feed
Versions 6 and 7 of Internet Explorer running on fully patched Windows XP SP2 systems are vulnerable to a silent exploit.
 | | New Drive-By Exploit Threatens IE |  |
McAfee researcher Craig Schmugar has disclosed the existence of attack code that can hit a Windows system when a person simply visits a malicious website.
Security researchers had discovered discussion of the exploit in an online forum. Since that time, the company has received a sample of malicious code that demonstrates the exploit can be targeted.
The company assigned this exploit a low risk to users, and explained how it works. By visiting a website containing malformed ANI files, Internet Explorer pulls them in and runs them.
Once they run, the malformed ANI can pull in other software, silently, from remote servers. An example of this silent attack demonstrated how it could retrieve a new downloader Trojan and place it on the victim's PC.
Since this exploit happens as a drive-by and runs silently, the user is not alerted to anything wrong on the system. Once exploited, common malware like keyloggers and spam engines could end up running on someone's machine.
Schmugar said Windows XP SP0 and SP1 are not affected by the exploit. Neither is Firefox. He also referred to a two-year old Microsoft bulletin where Windows was critically vulnerable to cursor and icon format handling, as this new exploit exhibits similar behaviors.
---
Tags: Internet Explorer, Security, Vulnerability
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
RSS
Archive
Contact Us
Advertise
