Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Thanks so very, very much for your kind help. My wife is thrilled. Needless to say, so am I. And our thanks to CyberTechHelp for such a great and generous service - sher07  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Technet

Expert Zone Community
Services
Cyber Tech Help Community

To the top of the page to top

 



Computing News | Trojan horse rides on unpatched IE flaw

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Posted by: Tweaker
Date added: 23:54 Wednesday, 30th November 2005 GMT
Source: C/NET News

Microsoft

Attackers are taking advantage of an unpatched vulnerability in Internet Explorer to target users of the ubiquitous Web browser, Microsoft warned late Tuesday.

Malicious software that exploits the security flaw to download a Trojan horse to vulnerable computers has been found on the Internet, according to Microsoft. Detection and removal capabilities for the "TrojanDownloader:Win32/Delf.DH" have been added to Microsoft's recently launched online security-scanning tool.

"Customers can visit Windows Live Safety Center and are encouraged to use the Complete Scan option to check for and remove this malicious software and future variants," Microsoft said in its updated security advisory on the issue.

The security bug, exploited by the Trojan downloader, was originally reported in May. The bug was thought to only allow for a denial-of-service attack, which would cause IE to close. However, experts last week raised an alarm on the issue because it was discovered that it could be used to remotely run code on a vulnerable computer.

Microsoft has yet to provide a fix for the vulnerability, but is working on a patch, according to the security advisory. Security-monitoring company Secunia deems the problem "extremely critical," its rarely given highest rating.

The vulnerability puts computers running Windows 98, Windows Millennium Edition, Windows 2000 and Windows XP at risk. An attacker could gain complete control of vulnerable systems by hosting malicious code on a Web site. Once an IE user visits the site, the malicious program would run without any user interaction.

Microsoft offers several workarounds to deflect attacks. These include changing IE settings to disable active scripting or prompt the user before running such scripts.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]