September 19, 2006 3:58 PM PDT

Porn sites exploit new IE flaw

Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday.

The vulnerability lies in the way IE 6 handles certain graphics. Malicious software can be loaded, unbeknownst to the user, onto a vulnerable Windows PC when the user clicks on a malicious link on a Web site or an e-mail message, several security companies said.

"Fully patched Internet Explorer browsers are vulnerable," Ken Dunham, director of the rapid response team at VeriSign's iDefense, said in an e-mailed statement. "This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based attacks in the near future."

Security-monitoring companies Secunia and the French Security Incident Response Team have given the issue their most serious ratings.

Shady adult Web sites are among the first to exploit the IE vulnerability, Eric Sites, vice president of research and development at spyware specialist Sunbelt Software, wrote on a corporate blog. In one case, a malicious Web site used the exploit to install "epic loads of adware," according to Sunbelt.

Microsoft plans to fix the flaw as part of its monthly patching cycle on Oct. 10, the software giant said in a security advisory. The update might be released sooner, "depending on customer needs," Microsoft said. Typically, Microsoft only breaks its patch cycle when attacks are widespread.

The number of attacks may rise quickly, according to Web security company Websense. It appears that WebAttacker, a tool often used to create attack sites, has been fitted with the new exploit, Websense said in an e-mailed statement. "We have confirmed multiple, previously known, WebAttacker sites that are currently exploiting this vulnerability to install malicious software," Websense said. "We expect to see many of the several thousand WebAttacker sites begin to utilize the exploit, as they update to the latest release of the tool kit."

"Microsoft is aware that this vulnerability is being actively exploited," the company said in its advisory. While it works on an update, Microsoft recommends users keep their security software updated and take caution when browsing the Web. In its advisory, it also provides several workarounds to protect systems against the flaw.

The vulnerability lies in a Windows component called "vgx.dll." This component is meant to support Vector Markup Language documents in the operating system. VML is used for high-quality vector graphics on the Web.

This is the second known and unpatched flaw for IE to surface in as many weeks. Last week Microsoft confirmed a flaw in an ActiveX control related to multimedia. Attack code that exploits the flaw and could be used to hijack Windows PCs running IE 5 or IE 6 has been posted on the Net. Microsoft also has yet to provide a patch for a Word 2000 flaw being exploited in targeted cyberattacks.

54 comments

Solution?
Avoid porn sites.
Avoid illegal download sites.
Posted by groink_hi (380 comments )
No clueless, the solution is to avoid I.E.!
Posted by anarchyreigns (299 comments )
Avoid all images?
That's all well and good until some hacker breaks into a banner ad website and updates their ads with this vulnerability. That has already happened with previous IE exploits and it may well happen with this one too.

So unless you plan on avoiding all sites with images, you're vulnerable if you use IE.
Posted by Hoser McMoose (182 comments )
Ooh! Ooh! Let me install Vista NOW!
Microsoft's answer to security flaws is to install more flaws:
http://www.teckmagazine.com/content/view/631/43/
Posted by (156 comments )
Avoid MS products at all costs
The single most effective way to protect yourself is to never use Microsoft products. Even on the Windows OS, use an alternative browser.
Posted by extinctone (214 comments )
Problem
If everyone avoids Windows, someone else will hold the controlling market share and become the target of these attacks.
Posted by djcaseley (85 comments )
Solution
I use Netscape 7.1 and have no problems and will soon be dual booting with Ubuntu Linux + XP Pro.
For protection I use Norton Internet Security so I have all bases covered. I also agree that porn sites and downloads from unknown sites mean taking a big risk.
Posted by pipercub194123 (6 comments )
Actually...
Norton is not the product it once was. Norton Internet Security has actually been proven useless by most security tests.

You can visit www.grc.com for software to test your security.
Posted by umbrae (1073 comments )
You will be safe if your IE security setting for the Internet zone is High.
According to the link in this article, http://www.microsoft.com/technet/security/advisory/925568.mspx, you will be safe if your IE security setting for the Internet zone is High.

It is a good practise to set your IE security level for the Internet zone to "High", and then only allow "file download".

Then for web sites that you really want to use that require scripting or ActiveX controls, add them to the trusted sites list.
Posted by fc11 (48 comments )
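One way to script the zone settings this comment describes, as an added example that is not from the article, Microsoft's advisory or the commenter: it assumes Windows PowerShell, writes the per-user (HKCU) keys IE stores these settings in, and the trusted-site domain is a placeholder.

```powershell
# Added example (not the article's or the commenter's code): harden the Internet
# zone, keep file download enabled, and whitelist one site in the Trusted zone.
# Assumes Windows PowerShell and per-user (HKCU) settings; 'intranet.example' is a placeholder.

$ZonesKey   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$DomainsKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains'

$InternetZone = 3          # zone numbers as IE stores them
$TrustedZone  = 2
$LevelHigh    = 0x12000    # security slider "High"; the Internet zone defaults to 0x11000 (Medium)

# Per-action DWORDs under a zone key: 0 = enable, 1 = prompt, 3 = disable.
$Actions = @{
    '1200' = 3   # Run ActiveX controls and plug-ins
    '1400' = 3   # Active scripting
    '1405' = 3   # Script ActiveX controls marked safe for scripting
    '1803' = 0   # File download: "High" disables it, the comment re-enables just this one
}

function Set-InternetZoneHigh {
    $key = Join-Path $ZonesKey $InternetZone
    # CurrentLevel records the slider position; the per-action values are what IE
    # consults, so the actions that matter here are written explicitly as well.
    Set-ItemProperty -Path $key -Name 'CurrentLevel' -Value $LevelHigh -Type DWord
    foreach ($action in $Actions.Keys) {
        Set-ItemProperty -Path $key -Name $action -Value $Actions[$action] -Type DWord
    }
}

function Add-TrustedSite {
    param([Parameter(Mandatory)][string]$Domain)
    $key = Join-Path $DomainsKey $Domain
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # The value name is the URL scheme the mapping covers; its data is the zone number.
    Set-ItemProperty -Path $key -Name 'https' -Value $TrustedZone -Type DWord
}

function Get-ZoneReport {
    # Read the settings back so the change can be verified, or audited on other machines.
    $zone = Get-ItemProperty -Path (Join-Path $ZonesKey $InternetZone)
    [pscustomobject]@{
        InternetLevel   = '0x{0:X}' -f $zone.CurrentLevel
        ActiveScripting = $(if ($zone.'1400' -eq 3) { 'disabled' } else { 'enabled or prompt' })
        FileDownload    = $(if ($zone.'1803' -eq 0) { 'enabled' } else { 'disabled' })
        TrustedSites    = @(Get-ChildItem $DomainsKey -ErrorAction SilentlyContinue |
                            ForEach-Object { $_.PSChildName })
    }
}

Set-InternetZoneHigh
Add-TrustedSite -Domain 'intranet.example'   # placeholder: a site you actually trust
Get-ZoneReport
```

Running Get-ZoneReport on its own is a cheap way to check that a machine still has the hardened settings after someone has been through the Internet Options dialog.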
12 years without a problem
I've been using Linux for 12 years
without a problem
without any antivirus.

I can go to any site I want to
without worrying.


http://lxer.com/module/forums/t/23168/
Posted by cyber_rigger (70 comments )
Using Windows 8 years with no problem
I am not old enough to have used a computer for 12 years, but I have used Windows for 8 years with no problem.

If you allow active code from untrusted sites to execute in your browser, you may have some protection from the OS, but you are inherently in danger. You are safe using Linux because no one has exploited Linux yet.
Posted by fc11 (48 comments )
Of course, you could always avoid Porn
Too.
Posted by technewsjunkie (1265 comments )
...until someone compromises an ad-banner site
But that's been covered before, ne?
Posted by Penguinisto (5042 comments )
So Microsoft can make hair grow on your palms?
The problem with avoiding all Microsoft products is that you can't. You can run a safe web browser on a safe operating system, but some of the websites you go to will still be running IIS.
Posted by ralfthedog (1589 comments )
Here come the Morality Police
Stuff like this is just such an obvious excuse for all of the almighty Morality Police to come along with their simple excuse like "avoid porn".

How about avoid I.E.??? Anyone still using that useless browser needs to get a clue. But telling people to "avoid porn" isn't the answer, all you holier-than-thous out there.
Posted by Julie Allen (43 comments )
Re: Here come the Morality Police
Uh, Julie...

Did I miss the part in that article where they said to stay away from adult sites? I went back and read it a second time. I didn't see it, though it wouldn't be the first time I missed something like that.

They're simply saying that adult web sites are among the first to make use of it. What's wrong with that?

But as for the browser, yea, no question there are more secure browsers out there and they oughta be used...

Charles R. Whealton
Charles Whealton @ pleasedontspam.com
Posted by chuck_whealton (521 comments )
Poor headline = poor news
Why is the 1st word in the headline "Porn"? Simply because sex sells. Apparently the author thought this was just a boring story that no one would read, so they threw the word Porn in there to get readers. What is a "shady" adult web site? Would this be referring to just average porn or would it mean sites that contain child porn or prostitution? This headline would suggest that only porn sites are exploiting this error, and possibly that this is the first time porn sites exploit a flaw.

Because of the focus on "porn", this story loses sight of the fact that it actually is a good story. It has surprisingly more detailed info than most. If that one word and one paragraph were removed, the author would actually seem intelligent and effective. Unfortunately, because of the focus (which is the only point the author chose not to explain fully) the author comes off as young and inexperienced, causing the story to quickly fade from memory, other than for use in jokes.
Posted by mikeburek (418 comments )
how nice... now welcome to the real world
In the last 6 years of maintaining unix/linux servers I have seen probably more than 500 hacked servers running various flavors of linux and unix. When working with a very popular data center for a year, we would get anywhere from 10 - 50 calls a day requesting an OS reload due to linux/unix hacking.

So don't give me the "no viruses on *nix". Because linux/unix get hacked all the time just like windows. And as a linux user, you should know that... because you should be patching all the time also. If you don't, I suggest not telling anyone your IP address then....
Posted by aSiriusTHoTH (176 comments )
nothing new here
There have always been endless endless endless exploits in Internet Explorer and in components that are loaded onto web pages. This is clearly nothing new. And unfortunately there isn't one damn thing anybody can do about it, I mean A ******* DUHR! All the criticism in the world cannot force the multi billion dollar corporation to work correctly. You just have to sit back and wait for another patch, or just use FireFox like most people seem to do nowadays. Better just get used to the big man ignoring your whimpers.
Posted by A Grand Delusion (1 comment )
World of Warcraft stolen accounts?
Is this how people get their account information stolen from the popular MMORPG known as World of Warcraft? Some "hackers" post a URL on the game's forums with links that resemble something like: http://www.randomurl.com/randomfile.jpg.htm

They try to fake it by saying, "Hey guys check out this new World of Warcraft screenshot" and they sucker people into clicking on it. They are presented with a "Page cannot be displayed" page, but that means they were hacked! It installs keylogger software, someone in China gets their World of Warcraft info, enters their account, steals all their ingame currency, weapons and armor, then leaves the account to rot.

This is only World of Warcraft!!! Imagine if you visit a site, any site, it installs a Keylogger, then suddenly your credit card is charged with thousands of dollars, your bank account info is hacked into and they transfer money from your savings, someone bids on hundreds of items on Ebay and you get your account banned, they hack into Paypal to transfer themselves thousands of dollars.

This is insane! And you don't click anything! You just visit a site, you get no warning, you get no pop-up, you see nothing! It just installs software and automatically you are vulnerable to hackers! I can't believe the internet is getting this dangerous to use!
Posted by jonathan_a (286 comments )
Check this site out..
www.alwaysworkingpasswords.com

P0rn password everyday! WOO HOO!
Posted by baswwe (299 comments )
I own randomurl.com
I happen to own randomurl.com and do not like being accused of hacking. Please change this to example.com
Posted by RandomURL (2 comments )
Treat the Internet like Sex
Always treat the internet like sex. The best way to guarantee 100% protection is simply not to connect to it at all.
Posted by thedreaming (573 comments )
Well there goes away our freedom.
So I'm not really talking about porn sites, because I don't visit them. I'm talking about any kind of site. I posted a comment regarding the game World of Warcraft. That is exactly what I'm doing right now! I'm "avoiding" everything. If I see someone post a URL, I don't click on it. If I see someone use *******.com I don't click on it. If I see anyone trying to force me to click on something, I don't click on it!

Gee, there goes away our freedom! I avoid 100% of everything just to avoid the small percentage of not getting hacked!

Why doesn't Microsoft or anyone just fix it! Fix the damn problem rather than let the hackers win!

Should we treat the internet like sex? No! Cause there is no cure for STDs! But for the internet? It's called updates! It's called patches! It's called "Hey Microsoft!!! Learn to program software!!!" There are ways to fix it!
Posted by jonathan_a (286 comments )
Porn
Wise Up. There are over 3 1/2 million bestiality websites on Google alone. One of these websites had over 900,000 images.
These women ARE NOT CONSENTING PARTICIPANTS!!!!!!!
They are being drugged with Rohypnol and raped. They DO NOT KNOW WHAT HAS HAPPENED TO THEM.
Rohypnol anaesthetizes the frontal lobe of the brain and leaves the motor skills and primitive mind sections of the brain functioning.
The frontal lobe of the brain is where YOU, your values, your cognitive functions, your understanding, everything that makes you the unique individual that you are, is. Rohypnol is one of the benzodiazepines that does this. The DEA has changed the laws on possession of Rohypnol. If you are caught with one tablet of Rohypnol you are subject to a $250,000.00 fine and 25 years in jail. The DEA has openly stated that its only purpose is rape.
The porno pimpers are now using Ambien as a replacement. Nice of the Pharmaceuticals to comply with the wishes of the multibillion dollar bestiality porn 'industry', isn't it.
These victims, including senior citizens in palliative care, are being drugged and raped with animals and the internet servers are dishing them out like dog food. It is interesting that Google could filter this garbage out of their system for China but can't for North America. I have complained to them many, many times.
Many of these sites openly declare that they are rape sites. Our governments and our judicial systems, and our police forces seem quite complacent to allow the drugging, raping and videotaping, and full scale sexual slavery of our people. Every university dorm, every home, every hospital, palliative care unit, senior citizen complex, hospice, every bus, every public place, every bar, party, or social event is a prospective 'recruiting' area for the porno pimpers.

The Ontario Provincial Police, in Peterborough, Ontario, told me, "If you don't know it happened to you then it is not a crime," and "Nothing will ever be done to help you. There is too much money in it."

Hey, get with the program. Let your wives, daughters, mothers, sisters, brothers and friends know what is happening and lobby the government to stop it. Put pressure on all the servers including Google, MSN, Yahoo, the whole lot of them to filter this garbage so the porno pimpers can no longer make millions off of these horrific, obscene, assaults that have been perpetrated on our people.

History will mark these abuses as amongst the most vile crimes against humanity ever perpetrated.
Posted by emeraldgate (53 comments )
a little odd
that you are so well versed on these websites, who and how they recruit and so on. I've been online for many years (10+) and I have never, not once happened upon a bestiality porn site.. probably because I don't go looking for them? Get some sleep, if not for yourself for the rest of us!
Posted by Trent44 (1 comment )
I would report you for idiocy
But there's not a button for that. Anyone who believes half of your "so called facts" belongs in a loony bin. Resume your medication forthwith. If the number of bestiality sites on the web topped a few thousand I would be shocked. People generally don't believe people who exaggerate by several hundred percent.

While there are indeed bad people out there you have let false information and hysteria unhinge your faculties.
Posted by PzkwVIb (462 comments )
Let them keep the flaw active!!!
With the use of computers so active these days, young children are learning ways around the parental controls, by changing the words or phrases around to a different language.
When you get to half of these sites all it takes is a yes or no to whether you're 18 or older. There are no police or anyone out here in cyberspace to protect children from porn, like they do in stores. What I can say is I am one age to do something online but be another. There is no proof but my word. Until they can pinpoint all IP NUMBERS and force people to register their names and stuff like that, porn is trash and should stay full of flaws and damage everyone's computer that trolls through it. It teaches 18-year-olds to do webcam themselves for big bucks. This is morally wrong!!!!
Posted by ntlc13 (1 comment )
You have larger concerns to address...
before you rant about this, you commie puke. First I would take a crash course in spelling starting from the fifth grade level. Second, you will then need to follow that up with remedial grammar, again starting from the fifth grade level. Third, if you actually have children BE THEIR PARENT and take responsibility for their actions, like actively monitoring what they are doing. Pukes like you **** me off. You sit back and rant incoherently about aspects of your child's life you are too lazy to control yourself. If I had it my way you wouldn't be allowed to reproduce until you demonstrated a reasonable amount of intelligence and comprehension for the actual task of raising a child. Lastly, if your damned halfbreed offspring won't stay off the porn sites, take the computer away. Problem solved, moron!
Posted by nuckelhedd (70 comments )
WITH P0RN - LOTS OF JOBLESS WOMEN!
Are you going to pay their welfare bill?
Posted by baswwe (299 comments )
porn site access does matter.
If M$ doesn't fix the flaw, they will be affecting sales of networking equipment and even their own OS.

IF you liked porn, would you visit those sites as long as something like this was around? I wouldn't. I'd also delay purchase of new equipment until I knew that it was taken care of.

M$'s attempt to squeeze life into convenient parcels of time is hurting them. Imagine if the Fire department of your city said that they would only do rescues M-F.
Posted by bob donut (90 comments )
its a bit opposite as CNET thinks
My solution is to avoid the Google search engine, because if you type very popular and common words you will get a list of sites with viruses at the top.

Why would porn sites want to put out viruses on their servers? If they copy a virus to a client's browser, he/she will never come back. Porn sites earn money when viewers start to subscribe to them. If viewers are scared away, it means no subscriptions and no cash.

Yet not all porn is put up by porn makers; it could be put up by hackers with material copied from a genuine porn site, just to lure viewers and get hits. So they can post their virus on this site. In most cases you would get there from a search engine, not by browsing.
Posted by prettylisa (13 comments )
how you get there
Is my computer the only one in the country that has been hit with this garbage spam? In 1999, I ACCIDENTALLY opened an email, and could not believe the terrible things I was seeing. I had taken physiological psychology in university, so I immediately knew that these people were not cognizant of what was happening to them. In half an hour, I found 5 women I recognized from a nearby city. I KNOW these women NEVER consented to these assaults.

Why on earth is everyone so complacent about this issue??
Posted by emeraldgate (53 comments )
a bit opposite as CNET thinks
My solution is to avoid the Google search engine, because if you type very popular and common words you will get a list of sites with viruses at the top.

Why would porn sites want to put out viruses on their servers? If they copy a virus to a client's browser, he/she will never come back. Porn sites earn money when viewers start to subscribe to them. If viewers are scared away, it means no subscriptions and no cash.

Yet not all porn is put up by porn makers; it could be put up by hackers with material copied from a genuine porn site, just to lure viewers and get hits. So they can post their virus on this site. In most cases you would get there from a search engine, not by browsing.
Posted by prettylisa (13 comments )
Wow - that made absolutely *no* sense...
At no point did your post ever come close to a rational argument. We are now that much dumber for having read it.

The article is about a security hole in IE, not people who are (seemingly) too inept to use a search engine (properly).

Personally, if I never have to fire up IE or mess with .NET ever again, it will be too soon. Use FF or a more secure OS. A patch on Oct 10th? Give me a break!

Chris
Posted by cr33dog (1 comment )
Microsoft's irresponsible response time
The biggest problem here is Microsoft's irresponsible response time.

The flaw is rated as critical.

This CNet report came out Sep 19th.

Microsoft says they're planning on patching it with their regularly scheduled Oct 10th patches.

That's 21 days from the CNet Reported date to Microsoft's fix.

And exploit sites are already out there NOW.

And don't forget that by the time CNet receives the report, Microsoft has ALREADY been notified of the flaw and thus Microsoft's response time is greater than 21 days for a critical flaw while the rest of the security industry looks at 24 hours for critical and 72 hours for non-critical fixes.

But yet Microsoft continues to falsely claim that they're security conscious!!!

GO FIGURE!!!

Walt
Posted by wbenton (522 comments )
morality police
What kind of person are you that you could 'get off' on watching drugged people be done with animals? Yes, too bad there aren't Morality Police, then so many women wouldn't be being sold like sex slaves on the internet, which is a violation of every single one of their human rights, and an infringement on the inherent copyright they hold on their own images.
Posted by emeraldgate (53 comments )
I own randomurl.com
I happen to own randomurl.com and I don't try to hack anything. Please try using 'example.com'
Posted by RandomURL (2 comments )