Content

Security experts warn that hackers are exploiting IE bug

Security experts have warned internet users to take care when surfing the web, following sightings of malware planted on websites that exploits a recently discovered Internet Explorer security vulnerability that has not yet been patched by Microsoft.

The security vulnerability allows hackers to run malicious software (such as a trojan, virus or worm) on a user's machine when they visit a website containing the exploit code.

The vulnerability affects Microsoft Internet Explorer on the following operating system platforms: Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium Edition, Windows 2000 Service Pack 4, Windows XP Service Pack 1, and Windows XP Service Pack 2.

"Microsoft will be fuming that the security of their software is being brought into question before they have had a chance to issue a security patch," said Graham Cluley, senior technology consultant for Sophos.

"Microsoft's next bundle of security patches aren't due until Dec. 13, and it will be interesting to see if they decide to break the cycle and release a patch earlier in response to the increasing number of exploits," he said.

Sophos said it has issued protection to its users against malware that has been discovered on websites exploiting the vulnerability, including the Clunky-B trojan horse that allows hackers to gain remote access over an infected PC.

Cluley added: "It wouldn't be a surprise if more malware was distributed that took advantage of this vulnerability in Microsoft's code."

This view was echoed by Luis Corrons, director of PandaLabs. "Once this circulates among other cyber criminals we can expect further attacks of these types. Even with a computer system that is fully patched, users are still vulnerable unless they have a fully up-to-date anti-malware solution," he said.

Until a fix is available from Microsoft, concerned computer users should consider changing the configuration of Internet Explorer to turn off, or prompt before, allowing Active Scripting to run.

www.sophos.com
www.pandasoftware.com

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.