Take a look at this :
http://www.theregister.co.uk/2004/06...hits_websites/

Summary, many websites have been hacked and are auto downloading malicous code onto PC's via the browsers of people who vist the sites. Confrimed by various security organisations and the US government.

I think this will have me switching the browser om my XP machine to Opera.


UPDATE - >

Microsoft's take: http://www.microsoft.com/security/in...load_ject.mspx

And Sophos : http://www.sophos.co.uk/virusinfo/ar...scobalert.html

As always:

Keep your firewall up and running when browsing the net.
Keep Anti-virus software up to date
Don't open any suspcious attachments EVEN IF it comes from someone you know.
Don't click on any links in emails that tell you your credit card/password/blah is about to expire and you must fill out an online form.
Use popup blockers (free one at toolbar.google.com)

There are ways & means to tell if your machine has been compromised, I'll find the common ones and post a list here along with some common (& free!) fixes.

--
Gary Williams.

All good advice Gary , but what concerned me enough to post this is that when I read up on it this one looked like it would (Or already has) by pass a lot of those precautions as it was installed when you visited a website, no pop up, no form to complete, no email attachment.

Comming in as a component of a requested web page it would by pass the firewall, unless you were not using a fully up to date Internet Explorer with the security settings set to well past paranoid.

Basically I am usually cocky / careful enough to think i'll be unlikley to be directly affected by this sort of thing and this one made me think hard. Especially once I saw that it had been around for a while before the major AV houses got onto it.

Probably the easiest way for most users to protect themselves after installing a firewall and anti-virus software would be to use something other than IE for web browsing. FireFox, Opera and Mozilla are all decent browsers. Avant Browser and MyIE2 are basically just new skins for IE, so they are just as susceptible to these flaws. Keep IE for going to Windows update to get security patches, or for the few banks that don't allow any other browser to be used, otherwise don't open it at all.

goates

PS - Or buy a Mac...

There is no particular point in getting too upset about this. For ie and outlook this type of thing is not a bug it's a feature. Windows doesn't seem be too be much of a problem (just annoying crashes) if you don't connect to the internet.

If you need/want internet access don't use windows use linux or a mac.

I run a mixed network of Windows, Linux and other platforms and they each have security flaws (especially Samba on Linux or some of the FTP server suites.....)

At the end of the day if you want to get a machine on the Internet you have GOT to be paranoid.

I'm in the fortunate situation where I can use automatic patch management tools to ensure that my machines are up to date.

I'd strongly suggest that anyone who uses windows goes and pays a visit to windowsupdate.microsoft.com and once it has installed all of it's patches you scan it AGAIN.
This is because some newer patches NEED components of older ones. Not ideal but thats what we have

--
Gary.

Memetic,

Another great reason to run a firewall and keep your computer up to date with the latest patches from M$.

Take Care,

Richard

Lot of sites I use, including my company website only work in IE, its a bitch, I'm all macced up and use Safari for day to day stuff.

I presume mac IE is immune from this latest microsoft balls up?

Interesting article on this attack :

http://www.theregister.co.uk/2004/06/28/ie_is_complex/

By the way, thier is still no patch ...

Memetic,

The official M$ word:




Richard

Microsoft's next 'offical' patch release day is Tuesday July 13th...... Interesting to see if they rush out an emergency hotifx.


--
Gary Williams.

Gary,

My guess is M$ is just stalling until they can write the new code.

Take Care,

Richard

In fairness to MS they do have multiple code branches to test and that alone can take several weeks.

--
Gary.

There is no protection against stuff like CWS that enters your machine via scripting. The way forward is to detect the identities of the individuals who are writinbg this !!!!! and assassinate them.

Ordinarily, I'm not in favour of killing people but in this case its the only way.

BTW I'm deadly serious. If I ever find out who you are, I can knock you off from up to 1200 meters. B*stards!

Blacksheep,

I have one better for you. Lets take all these guys, toss in the Virus/Trojan/Worm writers too, and put them all on the same island. We cut them off from the Internet that the rest of the world has, we give them their own Island Internet. (Give each of them a computer.) Let them all have at it till they knock themselves out.

Take Care,

Richard

P.S. Thinking about it a little more, lets drop all the spammers in that island too.