Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

New Malware Causes Concern

By David Worthington, BetaNews

June 25, 2004, 1:36 AM

NetSec Inc. has detected a new vulnerability that is infecting users of Microsoft Windows with malware. By visiting a malicious website with the Internet Explorer web browser, users can become silently infected with arbitrary code that is embedded in images on web pages. Once installed, the code begins to log keystrokes and then calls home to servers which then upload even more payload onto infected systems.

The attack, called Download.Ject, exploits previously known flaws in Internet Information Services (IIS) and Internet Explorer. Preview versions of Windows XP Service Pack 2 are not affected by the Download.Ject. Microsoft recommends that all customers download the latest security updates, keep virus definitions up to date and configure a firewall.

Commenting on the vulnerability, Jeremiah Grossman, an information security expert at WhiteHat Security told BetaNews, "The presence and danger of web browser security vulnerabilities have been well-known (in both IE and NS) for years. However, the degree in which they are now being exploited is reaching alarming heights."

Grossman continued, "Microsoft's Trustworthy Computing initiative, while a step in the right direction, has yielded very little protection when it comes to browsing web pages. More needs to be done here to protect the average web user for attack. Surf the web and get a virus cannot be allowed to continue.

"At the moment, the best the industry can recommend is use an alternative to Internet Explorer, such as Firebird, Mozilla or Opera."

Add a Comment (19 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By Davader

posted Jun 30, 2004 - 12:18 PM

I am a computer repair tech and a customer hit this bugger at Kelly Blue Book web site, 74 .gif files were infectied but Norton AV snaged it all.

Score: 0

By zenaphex

posted Jun 25, 2004 - 11:00 AM

Anyone have some recent resource link(s) on this that could explain the details of the vulnerability?

Score: 0

By peterf1972

posted Jun 25, 2004 - 4:32 PM

Check this link:

http://www.incidents.org/

or

http://www.microsoft.com...dent/download_ject.mspx

Score: 0

By wormeyman

edited Jun 25, 2004 - 3:41 AM

http://www.mozilla.org/products/firefox/why/
this is why i use an alternate browser ;)

edit: looks like links are disabled?

Score: 0

By Mark Gillespie

posted Jun 26, 2004 - 8:35 AM

The only reason Internet Explorer is attacked, is that it's used by 95% of the world online population. If everyone moved to Mozilla browsers, then the virus writers and hackers would target that... The Mozilla browsers have just as many security issues, but hackers don't target them, as they are a small minority. I fear that Mozilla may be MORE open to vunrabilities, as nobody has really tested it's robustness to attack on the same scale as IE gets "tested" (tested as it real life).

Score: 0

By thedax

posted Jun 27, 2004 - 2:49 PM

I don't agree. Firefox is not integrated in the OS, so despite being open to attacks like every other application connected to the Internet, it's not as dangerous as IE.

It's not about Firefox being secure, it's about IE being insecure.

Score: 0

By rijp

posted Jun 30, 2004 - 3:45 AM

OK, there is some real bad information in here. First of all, IE is NOT, I repeat, NOT integrated into the OS. IE is a micrsoft product. Windows is a Microsoft product. Its only natural they are paired. There isn't a person on the planet (if they are smart) that wouldn't try to promote their own products. That being said, IE, like another user pointed out, is under scrutiny because its ubiquitous. Mozilla (and Firefox) are just as vulernable to security holes, as IE... but because they are not as prevalent, they don't get the same press.. for these type of issues. I distinctly remember, '94 Netscape users bragged about their browser being "bulletproof" to certain attacks, then AOL users starting adopting Netscape as their browser of choice, a short time later.. Netscape was forced to change their Java support, because hackers could gain control of machines (this was before DSL routers) via a backdoor in java. IE, being VB script dominated at that time, wasn't as susceptable, and the viscious code had an adverse affect on Certain versions of Netscape.. that was the beginning of the end of Netscape. You people have a very short memory for problems. I could list hundreds of examples, Linux, Sun, Unix, and other hybrids.. EVERY OS has security concerns. ITs all programming preparation. There is not a complete foolproof solution. As long as people program, people make mistakes, and other people try and exploit those mistakes.

Score: 0

By Valathax

posted Jul 3, 2004 - 1:53 PM

Use windows explorer, type a url like www.betanews.com in the address field. You will note that a webpage opens inside windows explorer.

Look at your process list in task manager, you will note that Internet Explorer is not running.

Score: 0

By Gary_destruction

posted Jul 1, 2004 - 6:57 PM

Wrong. IE is part of Windows. Windows explorer uses IE's shell for the desktop and rest of the GUI. And many programs use IE files such as shdocvw.dll to render their HTML-based GUIs. Additionally, Microsoft classifies Internet Explorer as an OS component.

Score: 0

By CPUGuy

posted Jul 3, 2004 - 6:18 PM

This has nothing to do with the security of it, though. All it means that it is shipped with every version of Windows (ie, more ubiquitous).

The integration of IE does NOT effect security. IE would be EXACTLY the same, security wise if it were a stand-alone product. Just because the OS uses IE's rendering engine does not make it less secure. It merely means that more things are using this certain product which has a vulnerability in it.

Score: 0

By Gary_destruction

edited Jul 5, 2004 - 3:21 AM

Not true. There have been security vulnerabilities in Internet Explorer that were able to effect users even if they didn't use it as the default browser. And IE's dll's sit in memory. Windows Explorer uses IE's shell. If there's a security vulnerability in IE's shell, then there's a security vulnerability in Windows Explorer.

Score: 0

By bourgeoisdude

posted Jun 27, 2004 - 1:08 PM

Agree with you all the way.

Score: 0

By jrepin

posted Jun 26, 2004 - 3:20 PM

Just like Apache is much more used as web server and yet IIS is much more insecure?

People just do yourselves (and all others) a big favour and stop using this insecure and old browser. Move foreward and start using better, modern and secure browsers like Firefox, Mozilla or Opera.

Score: 0

By slaesche

posted Jun 27, 2004 - 6:52 PM

The "if more users were using firefox, more firefox hacks would come out" argument is completely false. The reason that Firefox and other browsers are more secure is that they follow w3c standards and don't allow arbitrary code execution. Microsoft extends browsing capabilities via technology like ActiveX which allows a "slicker" user experience with compromised security by allowing arbitrary code execution. Really it's just weak, unstandardised trash that wreaks havoc on the internet, both by eliminating standards and by being horrendously vulnerable to attack. The only code execution browsers like Firefox allow is via Java, which runs inside of it's own secure virtual machine. Hacking java is extremely difficult, and were it to be compromised, it is not a Firefox problem, it's a Sun problem. Happy browsing!

Score: 0

By rijp

posted Jun 30, 2004 - 3:56 AM

OK, so let me see if I have this straight.. Hacking Java is a Sun problem, not Firefox eh? So I exploit a vulnerability, and it affects EVERY browser that uses this so called WC3 compliant, including FireFox. It may be difficult, but not impossible. So using your shortsided analogy, Airport security is a Airport problem, not an Airline problem. So if you manage to breach security, and a group of terrorists gets aboard a plan, and crashes it into 2 big buildings, I suppose that wouldn't be a problem except for that one airport eh? Well that's just brilliant. They just happened to choose Boston Logon, but it could have happened anywhwere, anytime. That's the point. Security, is a concern for everyone. Vulnerabilites in a browser, would be breached, when it gets past that Virtual Machine. In Theory, it should work, but like we keep saying, it HASN'T been tested for its robustness yet. 100 million users world wide use IE. Netscape, Mozilla, Firefox.. Less than 5 million. Enough said. For now, you are safe, but I wouldn't start crooning too loudly just yet, that's just the time you get hit...

...this is the biggest, most powerful....in the world. It's unsinkable (Captain, HMS Titanic)

Score: 0

By Valathax

posted Jul 3, 2004 - 2:05 PM

rijp,

I think that the main advantage that Firefox has over other browsers such as IE is that there is a smaller surface area exposed to potential vunerabilities.

I don't think anyone would want to contend that Firefox has no vulnerabilties, and that will never have any.

The plain facts of the matter is that IE is simply very big and interfaces to every conceiveable portion of the O/S. This is evident when Microsoft releases a security patch for Internet Explorer that states:
"You need to apply this service patch even if you do not use Internet Explorer".

Score: 0

By jrepin

posted Jul 1, 2004 - 2:19 PM

...this is the biggest, most powerful....in the world. It's unsinkable (bussines criminal, Bill Gates, Micro$oft)

Score: 0

By jthomas

posted Jun 30, 2004 - 3:18 PM

Sorry RIP, slaesche makes a very good point despite your best efforts to bury it in sarcasm. Microsoft tends to set its own standards and the result has sometimes been huge holes for hackers to exploit. Further, Java does have an advantage in stability. No one has suggested that firefox or any of the other alternatives is bulletproof, only that they are smaller targets and wear a little better body armor. In the current environment those are significant advantages.

Score: 0

By nhu

posted May 1, 2005 - 1:12 PM

seems IE bashers are tech specialsits since seem to use more detailed tech reasoning and IE kissers are general users. Right, IE and windows has probs since in eqally used Apache and IIS, Apache is less vulnerable to virus attack. But, to my IE bashers, I am a general user and has been just now attacked in firefox by virus...yes firefox has probs after all...

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue