digg

Facebook Connect Join Digg About
See the original image at news.cnet.com

New exploit targets IE 7 hole patched last week

news.cnet.com Windows users are being urged to get the latest Microsoft security update or risk getting attacked via a hole in IE 7 that can be exploited to install a backdoor.

Who dugg this? Made popular Feb 18, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

56 Comments

show profanity settings
expand all
  • bubbles19518, on 02/18/2009, -0/+22It just did
  • carterx, on 02/18/2009, -5/+27The fix:
    http://www.mozilla.com/en-US/products/firefox/
  • Kazumato, on 02/18/2009, -9/+29http://www.getfirefox.net/
  • Biscuitz, on 02/18/2009, -5/+25Or just switch to Firefox.
  • MrViklund, on 02/18/2009, -2/+17Good thing it's targeting a patched hole and not a new hole.

    Lets get this to the front page!
  • purplesawdust, on 02/18/2009, -13/+28This will never get on front page. I mean, it doesn't apply to anyone on Digg.
  • Biscuitz, on 02/18/2009, -2/+14Sucks for IE users. Glad I don't use it anymore.
  • inactive, on 02/18/2009, -5/+16Nothing new in the world of IE. They really shoulda ditched the Trident engine when making 7 anyway.
  • vuke69, on 02/18/2009, -9/+18Yawn...
    Another day, another exploit for Microsoft's most secure browser yet.

    Friends don't let friends use IE (or windows).
  • inactive, on 02/18/2009, -1/+9@purples
    You have been served.
  • TritonX, on 02/18/2009, -4/+11yawn
  • Mofassa, on 02/18/2009, -3/+10I'm not sure if you looked at how this attack works - but it requires someone to download and manually execute malicious code. If you're running files from email that you don't know what they are and who they're from - it doesn't matter if the code is exploiting IE, firefox, or attacking your system directly - at that level it's the fault of a dumb user.

    Even linux systems could be compromised if the user ran a file that started deleting things, or a key logger to grab passwords etc. even if the user isn't in root. This exploit relies completely on user stupidity, the fact that it's going through IE is almost of no consequence.
  • jjheath, on 02/18/2009, -4/+10I....E? what?
  • astrotrain, on 02/18/2009, -1/+7Internet Exploder...
  • Meocross, on 02/18/2009, -0/+51. We hate Mic0$of↕

    2. Firefox has Adblock plus
  • wisedude, on 02/18/2009, -3/+8Good thing I still use IE6
  • inactive, on 02/18/2009, -0/+5It's just generic exploit code, so the URL's will probably change between each page
    Your better off blocking the signature with an IDS
  • raydeen, on 02/18/2009, -0/+4Patch your system and SCAN attachments BEFORE you open them. And avoid Norton and McAfee. Get AVG, NOD, or any of the other lesser known but more functional anti-virus programs. Don't use IE. Read dialog boxes, don't just blindly click. Windows has vulnerabilities but the main one is sitting in the chair madly clicking that mouse. I use OS X, Ubuntu and XP and surf fairly dirty on all three, but it's been at least a decade since I've had a virus totally fubar Windows. Knowledge and common sense are the best defense against all the foulware out there.
  • raveye, on 02/18/2009, -1/+4same ol' same ol'
  • jerkychew, on 02/18/2009, -1/+4As much as I love the "get Firefox" and "dump Windows" rhetoric here at Digg, the article itself is a little low on details. Does anybody know what web sites the code contacts so we can block it on the firewall level? I'm sure some percentage of our 10,000 workstations are going to get infected and I'd like to block the URLs before things get out of control.
  • Mofassa, on 02/18/2009, -1/+3I don't know why you're being dugg up unluckier..to quote the article..

    "The malicious code, which Trend Micro named "XML_DLOADR.A," is hidden in a Word document. On unpatched systems, when the file is opened an ActiveX object automatically accesses a Web site to open a backdoor that installs a .DLL (dynamic link library) file that can steal information"

    Or to translate...

    You open a Word Doc - which calls an ActiveX object to take you to a website to install a dll. Meaning, if this activex object is not run, this exploit does nothing. How do you avoid running this ActiveX object, you don't open the Word Document that contains the malicious code.

    Sure this specific exploit is using the backdoor in IE to access this trouble causing dll, but considering this is activated via a word document running an ActiveX object due to the user opening this Word document - this object could just have easily ftp-ed a file from a remote location and run that instead, or millions of other ways malicious code can damage a system.
  • astrotrain, on 02/18/2009, -2/+4Dugg for the Vista Virus joke.
  • scriptcoder, on 02/18/2009, -0/+2Actually Norton 2009 is pretty good. I've been running it on my home PC and so far so good.

    It's very light as well.
  • unluckier, on 02/18/2009, -1/+3The comments here talking about not using IE anymore are a bit concerning. If IE is on your system (i.e., you're running Windows), then you're at risk if your system is not up to date with patches. The attack vector that is described involves a malicious DOC file that uses ActiveX to load a page with the IE engine. So even if you're a firefox-only user, you'd still be at risk if your system is unpatched.
  • jpsoraire, on 02/18/2009, -6/+8Everyone go to http://www.windowsupdate.com/ and please do your update
  • garionw, on 02/18/2009, -1/+3where do you work? Microsoft?
  • MacParrot, on 02/18/2009, -1/+3Agreed. I'm running Vista via Bootcamp and use AVG and keep it up to date. If someone manages to get a virus like this these days they really have no one to blame but themselves
  • w3ber, on 02/18/2009, -0/+2it's ok but i switched to Bit Defender
  • NinjaBoy, on 02/18/2009, -1/+3Anyone know if this effects IE8?
  • w3ber, on 02/18/2009, -1/+3ActiveX
  • rakeshishere, on 02/18/2009, -3/+4IE is most buggy component of Windows... Thank goodness alternative browser such as firefox exists. Also, i hate when patches for IE require me to reboot Windows whereas firefox updates itself without any trouble.
  • stuffradio, on 02/18/2009, -0/+1I stopped using it when it kept crashing on me. Then I was like, ah screw it and I switched to FF. I used FF at school, but I used IE at home for some reason.
  • redaphid, on 02/19/2009, -0/+1I'm not digging you down because I'm a windows user, I'm digging you down because you're an ass.
  • Leviathan433, on 02/18/2009, -3/+4And yet my firefox works just fine.
  • dazparkour, on 02/18/2009, -1/+2"Id Est" or "That is".
  • Noxxten, on 02/19/2009, -0/+1So the people using IE 7 can live yet longer? I say we let the virus ravage and destroy their computers. Least that way, we'll have less of them. Some may even see the light and switch to Firefox, Opera, or Chrome.
  • matt.rubin, on 02/18/2009, -2/+2IE7: I would like to install a backdoor if you know what I mean.
  • bigbangbuddha, on 02/18/2009, -2/+2One reason IE gets exploited so much is the patch pushing scheme. Windows has a global auto update but unfortunately its going off all the time and many of the updates are related to office, media center or portions of the OS that are rarely (if ever) used so its typically ignored (and for some disabled, yikes). FF on the other hand, updates itself. I prefer this mechanism. If I use Firefox it will be updated otherwise it doesn't bother me. FF has security holes as well (just look at the update notes) but since they are patched regularly and in the background it doesn't hinder flow. Just every once in a while I get a popup saying that I should restart firefox, great! better than having to wait 30 minutes and restarting windows for the latest Cyrillic font fix in Access.

    I am very surprised Microsoft has not figured this out yet. Their apps and os team need to look at the XBox live crew for hints. They don't patch games you're not playing, so why does windows (and Apple) force app updates down your throat if you don't need them. Annoyance never leads to compliance, only to dissidence.
  • raustin, on 02/18/2009, -8/+8Is anyone surprised? Ah Windows...
  • unluckier, on 02/18/2009, -3/+3I'm not sure that you looked at how the attack works either, Mofassa.
    There is a vulnerability in IE7 that is being exploited. Code execution as the result of the IE7 engine processing a web page. There is no manual downloading and executing going on here.
  • FyberOptic, on 02/18/2009, -1/+1I lol'd. You hit the nail on the head, though. People just want to hate Microsoft, when really, Linux is just as vulnerable when you look at security history. But when you have 1% of the market share, nobody wants to hack you via the web front, cause it's a waste of time and resources.

    Servers, that's another story. Doesn't take much for anyone to realize that Linux has been the recipient of many vulnerabilities over the years. Where do you think "rootkit" originated from?

    Can't tell Digg that Linux isn't perfect, though. They just can't see it.
  • aimhelix, on 02/19/2009, -1/+1The best IE patch you can download for your safety is called "Firefox". Download it and patch IE with it. Dont click the funny blue 'e' icon. Click your new funny orange earth w/an orange dog icon.
  • NobodyWhoCares, on 02/18/2009, -2/+2^^ This post above me about sums it up nicely. A security hole in Windows or IE? This is hardly news. Besides, if you're still using IE you're kind of asking for it anyway. Plenty of replacements out there that are nowhere near as bad security wise.
  • unluckier, on 02/18/2009, -1/+1If you would have read the article, you'd realize that it doesn't matter if you use IE or not with this attack. As long as it's on your system, you're at risk.
  • datdamonfoo, on 02/18/2009, -2/+2How is this important? Next thing you know, they'll be warning of the dangers of Netbus
  • Hacktivist, on 02/18/2009, -7/+6There really is no winning for Microsoft in most of your eyes. A hole that has already been patched is exploited a week later and Microsoft is still the foul evil corporation that is just so cool to hate. I'm going to take a copy of plain XP before SP1 and reverse engineer all the patches since then and write articles stating how XP is the most insecure operating system ever! It will be like a candy store for digg users.
  • TrancePhreak, on 02/18/2009, -3/+1An exploit on an already patched bug... do you want people to bring up the ones for FF also?
  • frishackbanned, on 02/18/2009, -4/+2you're such a fag
  • nonymous666, on 02/18/2009, -5/+2Oh no! Another IE exploit that nobody will actually ever exploit!
  • Fetching more discussions...
    Show 51 - 57 of 57 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.