Avast WEBforum

Other => General Topics => Topic started by: drhayden1 on October 01, 2006, 11:12:23 PM

Title: Cybercrooks add Windows flaw to arsenal
Post by: drhayden1 on October 01, 2006, 11:12:23 PM
Attackers have added another, yet-to-be-patched Windows flaw to their arsenal, experts warned Saturday.

Cybercrooks have started exploiting a flaw in the Windows Shell only days after sample attack code for the vulnerability surfaced. Web sites that exploit the vulnerability are popping up and attempt to load malicious software onto vulnerable Windows PCs in a way that is undetectable to users, experts said.

"There are professionals at work using the exploit code," security firm Websense said in an alert. The miscreants taking advantage of the flaw appear to be part of the same group that in December used another Windows flaw to hoist spyware onto PCs, Websense said. That flaw stemmed from the way Windows handled Windows Metafile, or WMF images.

Microsoft warned of the Windows Shell flaw on Thursday. The flaw affects Windows 2000, Windows XP and Windows Server 2003, and could be exploited via the Internet Explorer Web browser through a component called WebViewFolderIcon.

http://news.zdnet.com/2100-1009_22-6121584.html
Title: Re: Cybercrooks add Windows flaw to arsenal
Post by: polonus on October 02, 2006, 12:58:12 AM
Hi drhayden1,

Funny that MS gives the advice to use one of the alternate browsers to avoid this flaw until the patch comes out. The IE browser is showing its brittleness now every day.

polonus
Title: Re: Cybercrooks add Windows flaw to arsenal
Post by: bob3160 on October 02, 2006, 03:06:32 AM
Quote
Hi drhayden1,

Funny that MS gives the advice to use one of the alternate browsers to avoid this flaw until the patch comes out. The IE browser is showing its brittleness now every day.

polonus

polonus,
MS said nothing about using another browser.
The quote in that article was as follows:
Quote
Windows users can protect themselves by following the guidance Microsoft gives in its advisory, switching to a non-Microsoft Web browser, or installing security software such as Exploit Prevention Labs' SocketShield.

Please note the comma after "following the guidance Microsoft gives in its advisory" and "to a non-Microsoft Web browser".
These are 2 separate statements made by the writer of this article.
It isn't something said by Microsoft.