Exploit in Windows more severe than initial estimates

By Justin Mann on December 30, 2005, 12:18 PM
The same flaw we heard about earlier this week is now thought to be more severe than initial estimates. Microsoft has issued a statement about the flaw, saying it is a serious issue that has no fix yet, and that merely visiting a website on an updated Windows machine can still result in the machine being exploited. We don't have an ETA from Microsoft as to when a patch will be made available, though provided you don't go looking for malicious sites to begin with, it is unlikely you will be compromised. The exploit is now being used to install software rather than just infect the machine, and is being exploited via e-mail as well. Hopefully a patch will arrive soon.




User Comments: 28

drozen20 said:
I hope that the Sobig equivalent to this exploit does not come out. When NYC lost power I predicted that it was the cause of the DCOM virus called Sobig. I hope nothing like this happens again.
canadian said:
Yea, this is the one where if you have a body onload, and a JavaScript window() function together, Internet Explorer crashes, and people can apparently execute programs using that crash. For those of you who wish to know more, read this: [url]http://www.computerterrorism.com/research/ie/ct21-
1-2005[/url]
Nodsu said:
MS kindly fails to mention that you are safe when not using IE or the Google Toolbar :p
shoe3k said:
I work for a big healthcare company and many users using Windows XP Home with SP2 and who all use I.E. This kind of exploit can hinder us considerably. It's amazing to see how XP keeps getting exploited like this.
nimo333 said:
What's so special about this news above?
spike said:
Could this be the one that causes them to think about issuing a third service pack?
mtyson8 said:
I have never believed 100% in anti-virus programs. I believe that if any pro hacker wants to put out viruses then he can, even if Microsoft fixes this. How are hackers able to outsmart Microsoft's top programmers and tech and engr? The answer lies at the end of this whole comment. I mean, how do viruses get out in offices if they all have anti-virus corporate edition? It makes no sense to me. See, it is far easier to destroy than to create.
spike said:
It happens due to a common error that resides between the chair and the keyboard more often than not. It is easier to destroy than create, but that's just why there are more people working on the creation side of things. AV vendors will always play catch-up with the latest threat - it's not possible to write a definition for something that doesn't exist yet.
barfarf said:
Heuristics. Is supposed to detect a new virus before it hits. NOD32 anti virus in the past has been most successful in finding and stopping unknown viruses.
tkteo said:
Can someone please confirm if Google Search Toolbar for IE *and* Google Desktop are *both* affected?
otmakus said:
The way MS is announcing that it is a flaw in their product and there is no fix available is kind of annoying to me. It's like they feel they don't have to hurry to fix it, because everyone will still buy their products, flaw or not.
cyrax said:
Thank you microsoft for giving us yet another year of unsafe and buggy software. Please don't feel free to pat yourselves on the back.
Craftos said:
I've been attacked by this exploit and had 4 trojans installed in no time, including Spy Sheriff (sic!). Not to everybody - Symantec Antivirus is useless (as usual). For Nth time it has done nothing, just displayed popup that some trojan has been detected (AFTER it installed itself), with text "Action: Leave it as is". - !!!!!. No kill, do delete file options, no action possible. I've thought it has at least killed trojans' processes but they were happily running in Task Manager. :(
realblackstuff said:
It should be known by now, that if you value your PC's health, you do NOT use IE, you do NOT use Outlook or Outlook Express, you do NOT use Hotmail, Yahoo-mail, Gmail etc., you do NOT install anything from Symantec/Norton, you do NOT use any Messenger programs, you do NOT install any Google/Yahoo etc. toolbars
Nodsu said:
I would imagine that any program opening .wmf files is vulnerable. WMF is a MS proprietary format and most likely all these apps use the Windows supplied library functions to parse the opened files. I think Google Toolbar is a very good example of how bad automation is. Something doing some dark magic behind your back and you don't have much to say about anything..
Handyman said:
Why can't people just stick with JPG? I'm still not sure if Firefox is affected by it. And do you think that it might be possible that Microsoft hasn't released a patch yet because they are on holiday? [quote] For Nth time it has done nothing, just displayed popup that some trojan has been detected (AFTER it installed itself), with text "Action: Leave it as is". - !!!!!. No kill, do delete file options, no action possible. I've thought it has at least killed trojans' processes but they were happily running in Task Manager. :([/quote] You're not alone. It happened to me too yesterday. Bitdefender 9 Professional is just as efficient in this situation as Norton Antivirus. By the way my Yahoo account has also been hacked recently.
mentaljedi said:
It's okay, my computer is full of bugs but I can't be bothered to get rid of them because more just keep coming. My computer is surviving on System Restore at the moment and Safe mode...
Mictlantecuhtli said:
[b]Originally posted by mentaljedi:[/b] [quote]It's okay, my computer is full of bugs but I can't be bothered to get rid of them because more just keep coming.[/quote] What a lovely attitude :P
realblackstuff said:
[b]Originally posted by mentaljedi:[/b] [quote]My computer is surviving on System Restore at the moment and Safe mode...[/quote] Don't you realise it's ignorants like you that keep on infecting more and more PCs? Take the finger out and clean up your PC or reinstall it!
DragonMaster said:
[quote]you do NOT use IE,[/quote] Check [quote]you do NOT use Outlook or Outlook Express,[/quote] Check [quote]you do NOT use Hotmail, Yahoo-mail, Gmail etc.,[/quote] Not Hotmail but the two others. It doesn't matter if I use Yahoo, G-Mail or not, it's just the fact that if I type my e-mail I find it on Google. Means: Use a different e-mail for newsgroup. (I don't do this) BUT, even if you do nothing, you'll get spam on Hotmail. [quote]you do NOT install anything from Symantec/Norton,[/quote] Check [quote]you do NOT use any Messenger programs,[/quote] I'm logged to 4 IM accounts right now but they are never used. [quote]you do NOT install any Google/Yahoo etc. toolbars[/quote] Check
spike said:
[b]Originally posted by realblackstuff:[/b] [quote]Don't you realise it's ignorants like you that keep on infecting more and more PCs? Take the finger out and clean up your PC or reinstall it![/quote] Absolutely - It's ignorants that don't do this that make the situation in the first place - and if such people actually took some basic security measures and used a little common sense, they're pretty unlikely to get seriously infected ever again.
raystorm said:
I must be lucky... or it's just my common sense and paranoia that enabled me to avoid viruses in the 7 years I've owned computers. So many folks out there just install things without reading the fine print though I can't fault all of them as they simply don't understand everything about computers. I'm sure there are plenty of folks with broadband connections that don't even know what a firewall is. You should see my brother's pc!! It's a mess!! So much malware installed but I showed him everything that he needs to do to avoid junk in the future and how to properly maintain and clean his pc.
realblackstuff said:
[b]For those who care:[/b] there IS an immediate fix available [url]http://www.techspot.com/news/19961-unofficial-
atch-for-the-windows-wmf-0day-exploit.html[/url] This should be made compulsory!
Mictlantecuhtli said:
[b]Originally posted by realblackstuff:[/b] [quote]It should be known by now, that if you value your PC's health, you do NOT use IE, you do NOT use Outlook or Outlook Express, you do NOT use Hotmail, Yahoo-mail, Gmail etc., you do NOT install anything from Symantec/Norton, you do NOT use any Messenger programs, you do NOT install any Google/Yahoo etc. toolbars[/quote] Sounds like you'd like to get rid of computers completely. Would we still be allowed to communicate via cellphones, or should we just write letters?
vigilante said:
lol Mictlantecuhtli. Or to sum up, don't use anything MS gives you for free. Download all 3rd party (better) software. You can't use your cell phone anymore, because the radiation will give your kids 11 fingers and 3 ears. This generation needs better writing skills anyway. If you value your PC's health, I have a simpler solution: STOP VISITING CRAP WEB SITES, CLICKING ON ADS, LOOKING FOR PORN OR NAKED MOVIE STARS. STOP LOOKING FOR FREE MUSIC, FREE MOVIES, FREE GAMES, FREE SOFTWARE, FREE SCREEN SAVERS, FREE MOUSE CURSORS. GET YOUR TEENAGERS OFF THE FREAKEN CHAT ROOMS AND KAZAA AND INSTANT MESSENGERS. Never mind the software you have installed, just don't do those things in the first place. Believe me, because I clean malware everyday, it doesn't take a genius to see how someone got infected, by taking a quick peek in the temp internet files or who created their cookies. SAFE browsing maintains a SAFE PC. Simple. This isn't about, use better software so I can keep getting the crap that's out there. It's about not going to the crap in the first place. Legit web sites don't dump crap on your PC. Bad ones do. Oh, and for those of you who chat with Yahoo and MSN and ICQ and AOL and all others, check out TRILLIAN, it holds all your accounts in one chat app. I use that :)
MonkeyMan said:
You know, these viruses are just notorious to computer systems. I hope Microsoft releases a patch very soon, because I'm sure I may get this virus sooner or later. Even worse, there is no patch for it, so you may have to reinstall Windows if you become infected.
luismigilbert said:
raystorm is right... the last time I got a virus running on my computer was summer of 69.. hehe.. it was in 1990 I think... I didn't like to install antivirus or stuff like that... since last year I'm using McAfee and it's perfect if you keep it up to date.. try antispywares too
xerowingsx5k said:
[b]Originally posted by vigilante:[/b] [quote]lol Mictlantecuhtli. Or to sum up, don't use anything MS gives you for free. Download all 3rd party (better) software. You can't use your cell phone anymore, because the radiation will give your kids 11 fingers and 3 ears. This generation needs better writing skills anyway. If you value your PC's health, I have a simpler solution: STOP VISITING CRAP WEB SITES, CLICKING ON ADS, LOOKING FOR PORN OR NAKED MOVIE STARS. STOP LOOKING FOR FREE MUSIC, FREE MOVIES, FREE GAMES, FREE SOFTWARE, FREE SCREEN SAVERS, FREE MOUSE CURSORS. GET YOUR TEENAGERS OFF THE FREAKEN CHAT ROOMS AND KAZAA AND INSTANT MESSENGERS. Never mind the software you have installed, just don't do those things in the first place. Believe me, because I clean malware everyday, it doesn't take a genius to see how someone got infected, by taking a quick peek in the temp internet files or who created their cookies. SAFE browsing maintains a SAFE PC. Simple. This isn't about, use better software so I can keep getting the crap that's out there. It's about not going to the crap in the first place. Legit web sites don't dump crap on your PC. Bad ones do. Oh, and for those of you who chat with Yahoo and MSN and ICQ and AOL and all others, check out TRILLIAN, it holds all your accounts in one chat app. I use that :)[/quote] I concur. I also think GAIM is a good multi-chat client substitute. As for the exploit... it's Windows... what did you expect?