Critical IE 7 exploit making the rounds

Microsoft issued a critical security warning Tuesday that a malicious exploit is making the rounds and attacking vulnerabilities in Internet Explorer 7.

The risk is believed to be widespread, given that IE 7 is the latest version of Microsoft's browser and is bundled with XP service pack 3 and also Vista, said Dave Marcus, director of security research and communications for McAfee's Avert Labs.

The AZN Trojan, which has been making the rounds since the first week of December, has the potential of infecting users' system with a Trojan horse, or "downloaders" that can download other forms of malware onto a user's system.

Microsoft announced it will release a security patch Wednesday via its automatic update system to patch users computers.

Users can potentially get infected two ways, Marcus said. One is to visit a malicious Web site that already has the malware installed on the site, or visit a legitimate site, in which the attacker has inserted the malicious script to run in the background, leaving visitors unaware their systems have been compromised.

"A lot of Web sites are pushing out this exploit," Marcus noted. Some of the infected sites include Web sites that offer free wallpaper for mobile phones to sites that feature property to product-related sites.

Microsoft is encouraging users to update their systems once the patch is released Wednesday at 10 a.m. PDT.

[The_happy_switcher]

Microsoft continues to suck per usual. Countdown begins now as to how soon Anderson and Vegan boy Dan say it isn't MSFT fault.

[ferretboy88]

Have you heard of the many Quicktime and Safari holes and exploits? Those are like swiss cheese. We didn't need anymore Apple fanboy trolls we already had 10,000 around here. If you want us all to switch to Apple then you are going about it the wrong way.

[Vegaman_Dan]

Why wouldn't it be Microsoft's fault? It's their browser. The browser has the vulnerabilit and Microsoft is releasing a patch for it tomorrow.

The only thing that 'continues to suck' is your trolling attempt, it would appear.

[Eddie-c]

Apple trollboy, IE isn't the only browser that does VERY poorly with security. Instead of your head in the sand, or somewhere in an apple employees posterior, you should actually read security things such as http://www.info-svc.com/news/2008/12-12/ .... Oh look, Safari and Chrome are worse than IE ! (And I'm not a MS shill)

[Penguinisto]

You honestly don;t know anything about security, do you?

[EcuadorHomesOnline]

Sure, we all know that Safari and Chrome have the bigger security holes, but it's OH SO MUCH FUN to pick on Microsoft. It's become a national sport! As soon as another browser gets serious market share (greater than 30%), it will suddenly be the target of all the critical press (and the hackers as well - in the meantime, it's not worth thier effort).

[Vegaman_Dan]

Penguinisto wrote:

"You honestly don;t know anything about security, do you? "

Well, to be honest, based purely on your comments made both here and on Slashdot, neither do you. What are your qualifications?

[mgmacman]

Eddie-c, at least Apple is very responsive when it comes to issuing patches unlike Microsoft who has you wait 1 month later. If you like to talk about the browser's securtiy, I DARE YOU TO to try and load these 2 webpages: 1) http://www.deansplanet; and 2) http://www.bunnypoker.com on any of your web browsers to see what happens. First, load it with the Windows Safari, then load it with any other browser; and see if you will get a warning of how visiting these sites may harm your computer and the Google Safe Browsing Diagnostic Page. Safari is the only one that will have that warning along with the option of looking at the report for the Google Safe Browsing Diagnostic Page. Firefox 3 does not, nor does the Firefox 3.1 Beta 2 either, Opera does not, and certainly Internet Explorer does not either; all of these 3 will take you to the page immediately. FYI, I already know the results of this little test on the Windows side of my Mac with Kaspersky Internet Security Suite 9; just pray to God that your anti-virus software is updated.

[loose_screw]

Chrome worse that IE? HAHAHAHA

[Penguinisto]

@Dan:

I run three sites in North America with (so far, not counting workstations) 120+ servers, four Cisco 6509's (plus various switches, routers, an ASA rig, and an MPLS network ...and growing). I showed you mine - now show me yours (I know, I know - help desk, right?)

The point is simple: counting flaws is a sign of pure ignorance WRT to security. The vast majority of OSX and Linux flaws would (at best) require local access to the box (where all bets are off anyway no matter what operating system we're talking about). OTOH, an alarming (and much higher) percentage of Windows flaws allow remote exploitation... like the one in the article up there.

Do you wish to claim differently? If so, please provide supporting evidence for your claims.

/P

[Vegaman_Dan]

Penguinisto wrote:

"I run three sites in North America with (so far, not counting workstations) 120+ servers, four Cisco 6509's (plus various switches, routers, an ASA rig, and an MPLS network ...and growing). I showed you mine - now show me yours (I know, I know - help desk, right?)"

Okay, this appears to be Job Description 3372-A. Not be confused with the multiple other job descriptions you claim as well. :)

You last claimed to be working for a small startup company with 10 employees. I'm impressed that it has grown from a startup with 10 people to such a huge megacorporation as you have claimed. Way to go! Is this the same company that has the 10,000 plus workstations that you are responsible for converting from Windows to Linux desktops, or the one where you ran a publishing empire across several nations with billions in sales (which turned out to be a small children's book publisher in Oregon and nothing like his claim).

To verify your claim, it would be appreciated if you gave the name of the company. Otherwise it's just a story- one of many you tell. I'm not saying you're lying again, I'm just saying you have a history of telling stories and fabricating different backgrounds to suit the subject at the moment. If you could clarify this once and for all with a name of the company for verification, that would be awesome. Your qualifications don't really have anything to do with IT security, I note. As a screw driver tech, I support 35,000+ deskstops, more than 10,000 servers, and multiple data centers across the planet both remotely and in person. For sheer numbers of systems and diversity of those systems, I have you beaten down into the dirt so far that you could probably speak Chinese to the locals. Citing numbers of systems is meaningless, is my point. I support and work on far more machines than you do and I'm not an IT Security Professional- and unless you can cite your background training, education, industry certifications, and current employer that we can verify this with, then... well, your story is just that. A story.

"The point is simple: counting flaws is a sign of pure ignorance WRT to security. "

And yet you do this very thing in every post that you make when comparing the number of flaws in Windows versus OS X. Are you going back on your own word? Curious that you would change your story again here. Doesn't say much for being consistent or reliable in your comments there, does it?

If you don't want people to cite your own comments as an example, perhaps you may want to think twice about making them.

[Penguinisto]

Deny all you like, Dan - no skin off my nose, etc. It is entertaining to watch you invent stuff about me, though.

BTW, when you said: "And yet you do this very thing in every post that you make when comparing the number of flaws in Windows versus OS X. " , you lied... again. When I look at patch reports, I categorize them by severity and ease-of-exploitation. You sort of forgot that part. ;)

/P

[Eddie-c]

applerocks: Looks like apple went and done messed up ... http://www.theregister.co.uk/2008/12/16/mac_os_10_5_6_problems/ ;)

[Penguinisto]

"Most problems seem to arise when installing the Delta upgrade downloaded from Software Update: Numerous users found that update to be problematic, but the full Combo update available from Apple's website ran smoothly."

So, no web browser exploits in there turning Apples into zombies, then?

Go figure.

[jinx101a]

It's ironic that when Apple throws patches out for security holes it's "just a patch" but when MS puts it out it's "incompetence". Some of Microsoft's flaws are similiar to flaws found in FireFox and other browsers in the past but due to market share become extremly important. Even older versions of IE aren't getting targeted, only the one with the most market share. That's not a defense of Microsoft, but I'm tired of hearing Apple zealots puffing their chests in every article's comments regardless of the topic.

[The_happy_switcher]

When's the last time Apple software was responsible for letting people's identities get stolen? NEVER. So shut the **** up.

[Eddie-c]

re appletroll saying ****, if you read the security tests for Safari, I think it demonstrates Safari leaves the proverbial door ***wide*** open.

[Penguinisto]

" It's ironic that when Apple throws patches out for security holes it's "just a patch" but when MS puts it out it's "incompetence". "

Well, the difference is simple: Microsoft has yet to put out a patch for this particular (and actively exploited) security hole.

[Vegaman_Dan]

Penguinisto wrote:

"Well, the difference is simple: Microsoft has yet to put out a patch for this particular (and actively exploited) security hole."

And it's being released tomorrow. It's even right there in the article. Did you miss it? The patch has been in internal testing for nearly two weeks. You wouldn't be as ignorant and stupid as to recommend an OEM release a product without first testing it, would you? I mean really, it has been tested and will be released tomorrow.

Will you be retracting your statement tomorrow or continue to look foolish? Your call.

[Penguinisto]

"And it's being released tomorrow."

...meanwhile the flaw is being actively exploited.

This has less to do with MSFT's patching cycle than it does with the fact that such a flaw exists and can be exploited remotely in the first place. Defend your employer all you want, but seriously - what other browser + OS combination has ever had this kind of ease-of-penetration by script kiddies in history?

/P

[Vegaman_Dan]

Penguinisto:

Let's see- what is the most popular browser and OS out there in use today? Which is the most exploited?

It's pretty simple math that even a self proclaimed IT Security Professioanl such as you can figure out, I'm sure.

But good job at trying to change the subject instead of addressing the issue. When faced with an answer you don't like, you're good at trying to avoid it. You might consider politics for a profession. You'd be good at it.

The Penguinisto Party! Could be popular, you know.

[Dalkorian]

by Vegaman_Dan December 17, 2008 8:45 AM PST
Penguinisto:

Let's see- what is the most popular browser and OS out there in use today? Which is the most exploited?

----------------------------------------------------------------------------

Come on Dan, I thought you were smarter than that. Some facts to refute your "market share" argument - Mac OS 9 had viruses written for it and released "in the wild". OS X has not. OS X has been vastly more popular than OS 9.

Get it, or do we need to spell it out more carefully?

It's amazing how often winblows apologists pull that tired and repeatedly debunked argument out. Don't you have anything else to fabricate? Tell us again how "secure" winblows is.

[Eddie-c]

Opera has an update - today - for "extremely severe" vulnerabilities too ... http://www.theregister.co.uk/2008/12/16/opera_update/

[loose_screw]

So? Opera doesn't have the market share of resources that Microsoft does.

Methinks Microsoft's new marketing strategy is to hire a bunch of blog commenters to attack their competitors, based on what I've been seeing lately.

[The_happy_switcher]

I see Microsoft has unleashed it's moron defender brigade on CNet once again.

[Eddie-c]

How are some comments pointing out issues with other browsers a defender brigade applerocks? And I challenge your iq for being a simple troll. Get some real I.T. experience - and a clue.

[Penguinisto]

Whee! Let the defenders spin and the detractors defile!

Meanwhile I'll just continue counseling all the folks I know who are stuck with Windows, to just use Firefox, and only open IE for Windows Update.

/P

[Eddie-c]

penguinisto: picking up the apple troll torch for applerocks? oh, love the news btw about apple pulling out of macworld. roflmao!

[Penguinisto]

Nope - I carry no one's torch. I just enjoy putting the intellectual smack-down on the wannabes and trolls.

So... you gonna answer those questions up there, or just slink away from them, tail betwixt legs?

[Vegaman_Dan]

Well Penguinsito, you have the reputation for being a troll and spreading FUD here with the intention to deeceive others, so it fitgures you would post here with your MSFT bigotry. No real change here.

What is your financial incentive for these postings? Nobody has that amount of dedication (or lack of a personal life) as to spend nearly every waking moment waiting to pounce on any news or information about Microsoft in order to spread your hatred to all. I would hate to think you're doing this for no money- that would indicate your really don't have a life.

Just curious behind your motives. I'm curious to see yoru answer to this. What you answer will say a lot about you.

[Penguinisto]

I see that Eddie has crawled away, as Dan valiantly tries to take his place... heh. ;)

BTW, Dan, no bigotry here, and your claim is a slap at those who suffer actual bigotry. Please stop using inappropriate and overblown descriptions.

Also, you assume too much - I merely post here for fun.

[drummer51689]

Applerocks: you are really pathetic.... do you just sit on here and wait for a Microsoft article?? get a life and a girlfriend seriously man to keep you off of here :)

drummer

[ferretboy88]

Apple users want us all to be like them. Live in our parents basement, turn liberal("funny") and use only one type of computer. Sorry, I use them all and I don't let Steve Jobs tell me what to do or when to do it.

[ballmerisanape]

Actually, a Mac can run all of the mainstream Operating Systems naively..... Your the one that's using "one type of computer"... not Mac users. Also, being a Microsoft Zombie (literally and figuratively) does not exactly paint the picture of choice.. or even cognition...

[solitare_pax]

Look, you may as well load up on all the darned browsers out there - IE, Forefox, Chrome, Opera, WHATEVER - and switch from one to the other as the media screams that there's a hole in one of the other. That way you can keep the virus-coders guessing which one you're using.

Most every browser is free these days anyways - why are you expecting them to work perfectly?

[Vegaman_Dan]

So the patch will be released tomorrow, December 17th after being fully tested internally. What does this mean when a company discovers a security issue, works on a remedy, tests that solution before releasing it publically to make sure it doens't cause even more harm, and then sending it out to the public?

Responsibility.

Apple does this as well. Does this mean that Apple is as guilty as Microsoft for having the nerve to release OS and product patches? If you are quick to yell at Microsoft for releasing a patch, then you must do the same for Apple or have to defend your doublestandard.

Curious.

[MSSlayer]

Took them long enough, and this is good speed for MS.

It is not uncommon for MS to take years to release a patch.

The only thing that is curious is why MS pays you money when you don't have the first clue about computers and software.

[timber2005]

Woah Woah! ERROR IN ARTICLE! IE7 is NOT BUNDLED WITH SP3!!!!
If you have a clean install of XP and install SP3, it will still be IE6.

[Ebeale]

I noticed that as well. IE 7 is NOT bundled with SP3

[rigved123]

gr8 m thanx for the info cnet.

similar-

Mozilla Firefox, The Newest Threat To Internet Explorer -

http://www.techreviews4u.com/?p=2277

[MSSlayer]

Hopefully the patch is simply a firefox installer.

[Vegaman_Dan]

Why not install Safari, Opera, or Chrome instead of Firefox?

[Dalkorian]

Any one of them is a MAJOR security improvement over internet exploder, Dan. You know it, I know it and a number of other posters here know it. There is a reason IE needs to be taken behind the woodshed and shot repeatedly until it stops moving - OS integration.

[TF_kj]

Interestingly, the 0day has been known to be ITW since last Tuesday.
http://blog.threatfire.com/2008/12/internet-explorer-70-0day.html

I think that we are seeing limits of Msoft's patching efforts -- they just seem overloaded right now. This hole should have been patched last week. But the huge list of patches they already covered has kept them busy.
There are good reasons why this 0day was going for $15,000. Patching it has a clear urgency.
This one has been hot for over a week and it will be distributed for months to come -- the same sites using this ie7 0day are also reliably attacking the two year old MS06-014 vulnerability as well.

Btw, Firefox and Opera selectively are being attacked by these sites as well. Just not 0day. Chrome predictably will be next on the list, as it gains traction.

[fdunn3]

@Peguinisto:

In every forum space I have seen your posts you are bashing the comment ahead of you and every subsequent reply, no matter whether it concisely corrects you with the facts.

You have so many conflicting posts that demonstrate that you are just a comment troll.

I would suggest to ALL readers of forums and Article feedback to just ignore him and his comments, just don't answer him as it is as productive as talking to a wall. Facts don't mean anything to him; it is all about him trying to build up his ego.

Peguinisto I suggest the following applies to your posts and you should not argue for the sake of argument.
"It's better to not say anything at all and appear ignorant than to open your mouth (keyboard in these instances) and remove all doubt".

You truly have an psychological insecurity and for allegedly having such an array of different jobs and responsibilities (depending on the post) it seems that you have a lot of empty time on your hands.

This is the only comment I will post so show everybody how "Intelligent" you are and bash this post to pieces.

[Penguinisto]

Hiya Fred Dunn! (how many sock-puppet clone accounts do you need, anyway?)

Screaming for folks to ignore me doesn't refute the facts and logic that I present.

The truth can get uncomfortable for you folks sometimes... I understand that. But maybe you should be screaming for MSFT to remedy things so that the truth isn;t as uncomfortable for you?

[yodawg9]

See the problem with apple users is that they think that they are EXEMPT from all kinds of virus', malware, spyware, and grayware. When in fact nobody really wants to hack into this computer because more then likely the only thing that it has on it is Family Photos' and some browsing history on facebook. When people attempt and continually try to break windows it is for the good stuff (credit cards, Social Security, Background info) stuff that is worth something. So you can preach about how "secure" your piece of fruit is, but fact is you are just not a target, and you paid way to much for your device.

[Penguinisto]

"See the problem with apple users is that they think that they are EXEMPT from all kinds of virus', malware, spyware, and grayware"

So far, we are. Prove otherwise, please. ;)

[kai7070]

Just saw a funny video of what happens to people w/o proper protection... even SANTA!

http://www.viddler.com/explore/SantaFraud1/videos/2/