MS software allows massive web attacks

[Xeen]

A big internet attack this week has INFECTED many web sites.

 

quote:The attack is more dangerous than most, because infection is possible just by visiting affected Web sites

 

quote: The attackers, whose identities are unknown, targeted a flaw in Web sites powered by Microsoft's Internet Information Services Web server (IIS). The sites hit by the attack were programmed to redirect the Explorer browser to another Web site that contains code that hackers use to record what people type on their keyboards -- including data such as passwords, credit card and Social Security numbers. The code then e-mails that information back to the attackers. Computers that run Microsoft's Internet Explorer browsers are vulnerable to infection

Great job as always, Bill.      


Cyber security departments are also concerned that terrorists might attempt to do some kind of internet attack. If that happens, I wonder if we can invade Microsoft Corp for some regime change for "sponsoring" terror.

Article

[ June 25, 2004: Message edited by: xeen ]

[Orethrius]

I find it particularly choice that after this:
 

quote:*snip*
 CERT recommends that Internet Explorer users consider different browsers such as Mozilla Firefox, Netscape Communicator or Opera. For people who continue to use Internet Explorer, CERT and Microsoft recommend setting the browser's security setting to "high."
*snip*

they would go on to detail the method for protecting MSIE against the problem.  MSIE *IS* the problem, and you have the foremost in government agencies telling you that in legalese!

Edit: Actually, upon more careful review, it's worse - you have the foremost in government agencies TELLING YOU to switch from MSIE.  What more do you need, a written invitation - signed, sealed, and delivered?

[ June 25, 2004: Message edited by: Midnight Candidate ]

[solarismka]

Wow thats just priceless.  

So much for it being the endusers3rdpartyhardwaresoftware's fault.

 

[WMD]

A single attack hitting two MS products.  Damn, this is a good one...

So an IIS site gets attacked...the site then reroutes IE users to a site that 0wns their computers.  

[solarismka]

quote:Originally posted by WMD:
A single attack hitting two MS products.  Damn, this is a good one...

So an IIS site gets attacked...the site then reroutes IE users to a site that 0wns their computers.    

Its a very clever idea, wish I thought of it      

[Refalm]

My website is hosted on IIS. I'm looking for another hosting company, but I can't find anything better  

[Orethrius]

NBC-11 is going to be doing a story on this very subject.  I'd say that I expect them to blow it out of proportion, but there's really no way to do that (unless, of course, they make the infamous "e-mail subject line virus" connection).  For the most part, however bad they may report this as being, this is actually WORSE.  I expect to hear about a Linux user that has been rounded up in a DoJ movement against "virus authors."  Way to go Microsoft, A-number-one shit here.  If you can't tell that's sarcasm, you might need a CAT scan to check for activity.  Not just unusual, ANY.

Edit: I just got a copy of McLain's "Runner" source - I wonder if this couldn't be reversed and used in conjunction with what we know about the hooks this keylogger uses (assuming I don't have it confused with something possibly unrelated that happened to me whilst browsing shopathome.com) to create an antibody?  Definitely worth looking into...

[ June 26, 2004: Message edited by: Midnight Candidate ]