Microsoft Releases Internet Explorer Fixes - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications

Microsoft Releases Internet Explorer Fixes

The "configuration change" closes a loophole that had allowed hackers to convert popular Web sites into virus transmitters.

Microsoft on Friday released a "configuration change" designed to protect Internet Explorer users from what's known as the "Download.Ject" or "Scob" attack.

The security stopgap aims to thwart a two-pronged attack that surfaced on June 24. The first portion of the attack targeted Windows 2000 Servers running Internet Information Services 5.0 that hadn't been patched with the Microsoft Security Bulletin MS04-011 released in April. The attackers planted on those servers malicious code that's designed to infect the PCs of Web surfers who visited those sites.

Web surfers who visited infected Web sites then were attacked through several vulnerabilities within Internet Explorer. At that time there was no fix or patch available for one of the flaws, commonly known as ADODB, for which Microsoft issued the fix Friday.

The attackers used that vulnerability to insert Web-site objects that had malicious JavaScript code attached to them. The JavaScript then, in the background, contacted another Web site that inserted malicious software on the Web surfer's system.

Security experts were unclear about the motive behind the attack. Some said it was traced to a Russian Web IP address of known spammers; others said it was designed to steal consumers' financial information.

The Russian IP address that infected Web surfers' systems was quickly shut down, Microsoft said. However, security experts were quick to warn that the same attackers, or copycats, could quickly try the same attack ploy or some variation.

Microsoft also released a fix, or configuration change, for Windows XP, Windows Server 2003, and Windows 2000 operating systems that protects against the unpatched ADODB vulnerability. The configuration change is available on Microsoft's Download Center and will soon be available through Windows Update. Microsoft also promises to release a series of security updates for Internet Explorer.

These fixes are urgent. Days after the June 24 attack, the SANS Institute Internet Storm Center reported an attack aimed at pop-up ads surfaced on the Internet, also designed to infect Web surfers using Internet Explorer. The pop-up ads inserted on users' systems spyware designed to capture logon information for dozens of financial organizations worldwide, says Marcus Sachs, director of the SANS Internet Storm Center.

The targeted financial institutions include Citibank, Barclays, and Deutsche Bank.

The spyware code was designed to capture user logon information as it was typed but before the user name and pass codes were encrypted to be transmitted across the Internet, Sachs says.

Sachs says in this attack, the user information was sent to a Web site in San Diego that was quickly shut down Wednesday after SANS contacted the FBI about the attack.

To make matters worse for users of virtually every Web browser, Danish security firm Secunia on Friday issued a security alert it dubbed "moderately critical" that affects virtually every Web browser.

According to Secunia's advisory, the browser vulnerability makes it possible for a remote attacker to conduct a spoofing attack on Web surfers. This type of attack makes it possible to insert potentially malicious content within a browser window opened by a trusted site. The flaw affects Internet Explorer 5.x for the Mac, Konqueror 2.x, Netscape 6.x and 7.x, Safari 1.x, as well as multiple versions of Mozilla and Opera. Secunia's advisory is available here.

Microsoft has published information designed to help users protect themselves while surfing the Internet: The configuration change is, or will soon be, available here.

More information about the Scob attack is available here. And general information about computer security and safety from Microsoft is available here.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
Flash Poll