Web Virus

[Stupiddave99]

NEW YORK (June 25) - A mysterious Internet virus being spread Friday by hundreds and possibly thousands of infected Web sites may be aimed at stealing credit card and other valuable information, security experts warned.

The infection appears to take advantage of three separate flaws with Microsoft Corp. products. Microsoft said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch to fix it yet.

Experts said the infection, detected by Microsoft on Thursday, was unusually broad but wasn't substantially interfering with Internet traffic.

Security experts at Microsoft and elsewhere worked Friday to pin down how the infection spreads across Web sites. It appears to target at least one recent version of Microsoft software for operating Web sites - called Internet Information Server.

The infection makes subtle changes to the Web site so visitors get a piece of code that's designed to retrieve from a Russian Web site software that records a person's keystrokes and can send data back, experts say. Such software "Trojan horses'' are routinely used to fish for credit card numbers, bank accounts, passwords and the like.

Now that the code is out, other hackers are likely to adapt it to distribute software for spamming and for launching broad Internet attacks against popular Web sites, said Alfred Huger, senior director of engineering at security company Symantec Corp.

"Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code,'' the U.S. Computer Emergency Readiness Team warned in an Internet alert.
   
Stephen Toulouse, a security program manager at Microsoft, recommended that computer owners obtain the latest security updates for Microsoft products and their anti-virus and firewall programs.

Because one flaw has yet to be fixed, he said, users should also turn up security settings on Microsoft's Internet Explorer browsers to the highest levels.

Security experts noted that users can avoid the exploit by using alternative browsers such as Mozilla and Opera. Users could also turn off the "Javascript'' feature on their Microsoft browsers, though doing so cripple functions on some sites.

The infection does not affect Macintosh versions of Internet Explorer.


06/25/04 13:09 E


Hope this didnt affect Pogo :-\

[Tupac]

it only effect I.e. ...... the gayesy web browser ever ateleast thas what the news said noone uses stupid i.e. n e way

[ZaLandCruiser]

IE  is very popular Tupac.

[bob@pogopal]

Za,

Don't you know? Those 99.3% of our customers don't count. lol Tupac only cares about the "normal" 0.7%

[ZaLandCruiser]

LOL, he musn't of looked at those stats yet :).