TechSpot

MySpace.com infects 10^6 users

By jobeard
Jul 21, 2006
  1. July 20, 2006 (IDG News Service) -- More than 1 million users of MySpace.com and other Web sites may have been infected with adware spread by a banner advertisement, according to iDefense, a computer security group.

    The advertisement, for a site called deckoutyourdeck.com, appeared in user profiles on MySpace, an online community with at least 70 million users, said Ken Dunham, director of the rapid response team at iDefense, which is owned by VeriSign Inc.

    The ad exploits a problem in the way Microsoft Corp.'s Internet Explorer browser handles Windows Metafile (WMF) image files.

    The browser vulnerability raised alarms in December after hackers distributed a specially crafted WMF image through e-mail, instant messaging links and Web sites. If the image was opened, it could allow a hacker to gain control over a victim's computer.

    There are at least 600 Web sites that take advantage of the WMF vulnerability, Dunham said. Microsoft issued a patch for the problem in January, but many consumer computers may not have applied the patch, leaving them unprotected.
     
  2. Peddant

    Peddant TS Rookie Posts: 1,446

    Just in case anyone is unsure if they are vulnerable - the patch is HERE

    The quickfix is: Un-register Shimgvw.dll : Click Start,Run, type regsvr32 -u %windir%\system32\shimgvw.dll, and then click OK.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...