Read more ... http://www.computerworld.com.au/index.p ... 8&eid=-255Kieren McCarthy, Techworld.com
09/06/2004 08:28:25
Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone's hard disk without their knowledge, through a single click.
Worse, the holes have been discovered from analysis of an existing link on the Internet and a fully functional demonstration of the exploit have been produced and been shown to affect even fully patched versions of Explorer.
It has been rated "extremely critical" by security company Secunia, and the only advice is to disable Active Scripting support for all but trusted websites.
The discovery stems from Dutch researcher Jelmer who was sent an Internet link which he was warned used unknown Explorer vulnerabilities to install adware on his computer. He found it did and embarked on a detailed analysis of the link, which demonstrates an extremely sophisticated use of encrypted code to bypass the Web browser's security.
Internet Explorer carved up by zero-day hole
Internet Explorer carved up by zero-day hole
-
- Registered User
- Posts: 60
- Joined: 22 Feb 2004, 02:00
- Location: Johannesburg, Edenvale
I had a problem about some 2 weeks ago with my pc. This damn adware got on my pc. it set the homepage to this pharmacutical companys website.
It stopped me from viewing any other site and i had Noron antivirus and Internet security installed. I had to format my hdd to get rid of it cause no amount of resetting the internet options and deleting of files would help. How it got on my pc is beyond me.
Do you think it possible that this threat and what happened to my pc are related?
It stopped me from viewing any other site and i had Noron antivirus and Internet security installed. I had to format my hdd to get rid of it cause no amount of resetting the internet options and deleting of files would help. How it got on my pc is beyond me.
Do you think it possible that this threat and what happened to my pc are related?
I don't think this new vulnerability and what happened to your PC are related.
Adware can get onto your computer in several different ways and most of them I'm sure don't need to use this vulnerability.
I'm sure you could have fixed it without formatting. Generally boot in safe mode then use msconfig and remove suspisious looking entries. Alternatively boot normally and open the task list. Kill all tasks that you know aren't needed by the system and then run msconfig like earlier. To be safe if you found any strange entries in the task list write them down and search for them in regedit and then delete any entries you find.
Be sure to backup your registry first!
Then restart and see if it works right again. Also get an Adware scanner and remover to compliment your antivirus.
Adware can get onto your computer in several different ways and most of them I'm sure don't need to use this vulnerability.
I'm sure you could have fixed it without formatting. Generally boot in safe mode then use msconfig and remove suspisious looking entries. Alternatively boot normally and open the task list. Kill all tasks that you know aren't needed by the system and then run msconfig like earlier. To be safe if you found any strange entries in the task list write them down and search for them in regedit and then delete any entries you find.
Be sure to backup your registry first!
Then restart and see if it works right again. Also get an Adware scanner and remover to compliment your antivirus.
A VERY helpful adware-remover:
Lavasoft Ad-Aware
I thought the PCs at my home was adware free, but boy, did I get a suprise!
12 Files detected on my PC
117 Files on my younger brother's PC
231 Files on my youngest brother's PC! 8O
Lavasoft Ad-Aware
I thought the PCs at my home was adware free, but boy, did I get a suprise!
12 Files detected on my PC
117 Files on my younger brother's PC
231 Files on my youngest brother's PC! 8O
Where are you going the day you die?
Join me in Planeshift, A 100% Free MMORPG
My name is Ivar ingame.
Join me in Planeshift, A 100% Free MMORPG
My name is Ivar ingame.