New Malware Causes Concern
NetSec Inc. has detected a new vulnerability that is being used to infect users of Microsoft Windows with malware. By visiting a malicious website with the Internet Explorer web browser, users can become silently infected with arbitrary code that is embedded in images on web pages. Once installed, the code begins to log keystrokes and then calls home to servers, which then upload additional payloads onto infected systems.
The attack, called Download.Ject, exploits previously known flaws in Internet Information Services (IIS) and Internet Explorer. Preview versions of Windows XP Service Pack 2 are not affected by Download.Ject. Microsoft recommends that all customers download the latest security updates, keep virus definitions up to date and configure a firewall.
Commenting on the vulnerability, Jeremiah Grossman, an information security expert at WhiteHat Security, told BetaNews, "The presence and danger of web browser security vulnerabilities have been well-known (in both IE and NS) for years. However, the degree to which they are now being exploited is reaching alarming heights."
Grossman continued, "Microsoft's Trustworthy Computing initiative, while a step in the right direction, has yielded very little protection when it comes to browsing web pages. More needs to be done here to protect the average web user from attack. Surf the web and get a virus cannot be allowed to continue.
"At the moment, the best the industry can recommend is use an alternative to Internet Explorer, such as Firebird, Mozilla or Opera."