SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System - Current Infosec News and Analysis: A large number of web sites, some of them quite popular, were compromised earlier this week to distribute malicious code. The attacker uploaded a small file with javascript to infected web sites, and altered the web server configuration to append the script to all files served by the web server. The Storm Center and others are still investigating the method used to compromise the servers. Several server administrators reported that they were fully patched.
If a user visited an infected site, the javascript delivered by the site would instruct the user's browser to download an executable from a Russian web site and install it. Different executables were observed. These trojan horse programs include keystroke loggers, proxy servers and other back doors providing full access to the infected system.
The javascript uses a so far unpatched vulnerability in MSIE to download and execute the code. No warning will be displayed. The user does not have to click on any links. Just visiting an infected site will trigger the exploit.
After hearing that news today, I decided it was time to look into using a different browser that is not tied to IE. For a while, I had been using MYIE2, but it is just a front end for IE. After searching around, I finally decided on FireFox and so far, have been very happy with that decision. I was surprised at its speed and flexibility. After just a few minutes, I was able to track down a Google toolbar and a Yahoo toolbar. Now I have all the features that was making me hang onto IE.
Now all I have to do is convince my wife to give it a try. She hates it when I start changing things on the computer :)
No comments:
Post a Comment