Another exploit targets IE7 bug

Trend Micro has warned that attackers are already exploiting a bug in IE 7 that was patched by Microsoft in the Security update last week with critical status.

Trend Micro researchers have spotted a small-scale attack in the weekend that exploits an IE 7 flaw to install a spy software that looks similar to the one that was sent to pro-Tibetan groups in January 2008. The malware XML_Dloadr.a is triggered when the user is tricked to open a malicious Word document that arrives in spam and uploads stolen information on port 443 to a site in China which acts as the hacker's command-and-control server.

Trend Micro says that there is a possibility that hackers have came up with a new exploit after Microsoft has patched a previously-unknown vulnerability as they know it takes users a while to patch, the most recent example being the Conficker worm. Even though Microsoft patched the vulnerability exploited by Conficker worm 4 months ago, the worm continued to spread to unpatched systems. Trend Micro warns users to patch systems with latest security updates as they consider this attack to be the forerunner of a larger campaign. Verisign's iDefense group too thinks that more attacks are likely and has alerted its customers.

Earlier Wolfgang Kandek, the chief technology officer at Qualys has called on Microsoft to cut the links between IE and Windows by patching IE separately and more often on a daily basis to protect users from attack. According to the security expert a browser is the heaviest used application that interacts with the Internet, and the most likely source of malicious content and that is why IE vulnerabilities should be given the highest priority and patched first.

Report a problem with article
Previous Story

Universal phone charger planned

Next Story

Windows 7 RC1 branch builds being compiled?

19 Comments

Commenting is disabled on this article.

MS needs to can IE completely, and steal... err... uhhh.... make a new browser from scratch, with full CSS3 and JS support. And maybe MS should de-integrate IE from Windows.

IE is most buggy component of Windows... Thank goodness alternative browser such as firefox exists. Also, i hate when patches for IE require me to reboot Windows whereas firefox updates itself without any trouble.

rakeshishere said,
IE is most buggy component of Windows... Thank goodness alternative browser such as firefox exists. Also, i hate when patches for IE require me to reboot Windows whereas firefox updates itself without any trouble.

This is because IE is so tightly wound in with Windows.

Firefox reboots itself, only difference is which is tied to the OS, Explorer uses IE to render alot of stuff, when IE gets updated it needs to register in Explorer also, why it reboots the system and Firefox reboots itself

MS did cut the links between IE and Windows with the release of Vista. IE runs in isolation/protected mode and so on.

But that aside, it's not like you only have to worry about your browser. IF they can find a hole in your A/V or your media player, then the only problem is how to get the user to click on a link in some spam email and have you install malware. And as we've seen, users seem to just click on anything they come across. It's such a shame.

GP007 said,
And as we've seen, users seem to just click on anything they come across. It's such a shame.

Yea, I agree. Even if UAC prompt comes up, how many users read whats there in the prompt? Very little

Because that prompt is so annoying coming up EVERY FREAKING TIME you click something, especially in Vista!

I turn auto updates of EVERY program there is off, immediately. I HATE that crap!!

What kind of rubbish software do you use cork? I just did a clean install on my new PC and I haven't seen a UAC prompt since the first day?

I think most people leave the WU setting alone though. I dunno how many average home users go and change that.

And if they do it's their own fault, not to mention their own fault for getting hit with spyware and spam and even opening something they got from spam email to begin with.

@GP007: You'd be surprised. Whenever I have to "fix" someones computer I notice that the Windows Update icon is always in the task bar, waiting to be clicked.

advancedboy said,
@GP007: You'd be surprised. Whenever I have to "fix" someones computer I notice that the Windows Update icon is always in the task bar, waiting to be clicked.

You are not kidding! I have been asked to fix old machines several times. One machine was about seven years old, and when I went to windows update to see if there were any updates available, I realized that this machine had never been updated in its life.

@Shiranui: Yep. I get some of those myself. Pretty bad when you hit upon an XP RTM system that has never gotten any patches on it.

personally i feel that windows should auto DL/install the patches when they come avaliable. or be like apple's *Security Fixes* patch notes.

a majority of all these viri spyware are from areas the MS told people are there but dont patch.
MS releases a patch, the viri/spyware hits that area. its like Ms says " hey here is how to get in ", but its more the fault of unpatched then MS imho