Author Topic: Zero day security hole in IE7 enables Trojan downloads!  (Read 2613 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Maybe Bot
  • *****
  • Posts: 31947
  • malware fighter
Zero day security hole in IE7 enables Trojan downloads!
« on: December 09, 2008, 10:55:15 PM »
Hi malware fighters,

Computers with a fully updated and patched version of Internet Explorer 7 are infected by Trojans through a zero day security hole. For the moment only the Chinese version of IE7 is involved, but the exploit code is out in the open. An unknown number of Chinese users of IE7 were infected by the malware. AV-vendor McAfee mentions "many Internet users" "being hit by Downloader-AZN trojan:
http://vil.nai.com/vil/content/v_141069.htm

The problem is caused by IE7 not handling certain XML tags properly, causing a heap overflow. The hole has been acknowledged on fully patched versions of XP SP3 and Vista SP1. When active the Trojan changes the hosts file, so victims can't any longer go to certain websites, it also tries to disable a number of av-scanners and tries to download additional malware. The bug references already freed memory in the mshtml.dll file. According to IDG News, exploits work about one in three times, and only after a victim has visited a website that serves a malicious piece of javascript,
So watch your clicks, the zero-day report: http://www.scanw.com/blog/archives/303

pol
« Last Edit: December 09, 2008, 11:24:11 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Jtaylor83

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1066
Re: Zero day security hole in IE7 enables Trojan downloads!
« Reply #1 on: December 10, 2008, 12:23:21 AM »
I hope the full release of IE8 or Firefox 3.1 comes out.
Avast 6.0, MalwareByte's Anti-Malware, CCleaner, Defraggler, DownloadHelper, WOT, NoScript, KeyScrambler, Thunderbird, Firefox, Windows XP SP3.

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 41967
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Zero day security hole in IE7 enables Trojan downloads!
« Reply #2 on: December 10, 2008, 12:50:10 AM »
Damien,
What if your running IE8 on Windows 7 build 6956 ???
Do I still have to worry ?
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq