Hi malware fighters,
Computers with a fully updated and patched version of Internet Explorer 7 are infected by Trojans through a zero day security hole. For the moment only the Chinese version of IE7 is involved, but the exploit code is out in the open. An unknown number of Chinese users of IE7 were infected by the malware. AV-vendor McAfee mentions "many Internet users" "being hit by Downloader-AZN trojan:
http://vil.nai.com/vil/content/v_141069.htmThe problem is caused by IE7 not handling certain XML tags properly, causing a heap overflow. The hole has been acknowledged on fully patched versions of XP SP3 and Vista SP1. When active the Trojan changes the hosts file, so victims can't any longer go to certain websites, it also tries to disable a number of av-scanners and tries to download additional malware. The bug references already freed memory in the mshtml.dll file. According to IDG News, exploits work about one in three times, and only after a victim has visited a website that serves a malicious piece of javascript,
So watch your clicks, the zero-day report:
http://www.scanw.com/blog/archives/303pol
