Jump to content
  • Revista PROGRAMAR: Já está disponível a edição #60 da revista programar. Faz já o download aqui!

herakty

ALERTA New zero-day involves IE, puts Windows XP users at risk

Recommended Posts

herakty

atenção a quem ainda usa o XP... e reparem em algo que tenho falado que é o facto de se ser infectado apenas por visitar um site...

podem ter firewalls, no scripts, anti-virus... tudo... mesmo assim, como ainda não há correcção, se visitarem um site preparado com o exploit vão ser infectados

e podem ser infectados pelo que o cracker quiser... pode ser um worm, um Virus, o que for, pois permite "code execution"

  Microsoft on Sunday confirmed it's investigating an unpatched bug in VBScript that hackers could exploit to plant malware on Windows XP machines running Internet Explorer (IE).

The flaw could be used by attackers to inject malicious code onto victims' PCs, said Maurycy Prodeus, the Polish security analyst with iSEC Security Research who revealed the vulnerability and posted attack code on Friday.

Users running IE7 or the newer IE8 are at risk, said Prodeus.

Microsoft noted it's already on the case. "Microsoft is investigating new public claims of a vulnerability involving the use of VBScript and Windows Help files within Internet Explorer," said Jerry Bryant, a senior manager with the Microsoft Security Response Center (MSRC), in an e-mail Sunday. *The current state of our investigations shows that Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not affected."

Bryant added that Microsoft has not yet seen any evidence of attacks exploiting the vulnerability.

Prodeus called the bug a "logic flaw," and said attackers could exploit it by feeding users malicious code disguised as a Windows help file -- such files have a ".hlp" extension -- then convincing them to press the F1 key when a pop-up appeared. He rated the vulnerability as "medium" because of the required user interaction.

"First an attacker needs to force a victim to visit a malicious Web page," Prodeus said in an e-mail Sunday. "The victim must be using Windows XP [and] Internet Explorer. A bit of social engineering is required to persuade the victim to push F1 button when [a] VBScript pop-up is displayed."

http://www.computerworld.com/s/article/9163298/New_zero_day_involves_IE_puts_Windows_XP_users_at_risk?source=CTWNLE_nlt_security_2010-03-01

teckV

Share this post


Link to post
Share on other sites
herakty

reforço o alerta do rui carlos mas deixa-me acrescentar alguma info importante, pois já testei em ambiente virtual o exploit e sei das suas limitações e dificuldades de implementação...

e fora isto basta terem isto em mente

atenção que é apenas quando clicam na tecla de help (F1) que podem ser vitimas deste ataque

senão confiarem no site onde estão NUNCA CLIQUEM NO F1 para aceder ao file de help

de resto não há problema

teckV

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

By using this site you accept our Terms of Use and Privacy Policy. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.