Trojan horse threatens latest Windows XP

By Robert Lemos
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: Exploits released for new Windows flaws
December 23, 2004; Net threats spur action on browser front
December 9, 2004; School's out to shun IE
December 9, 2004; IE flaw may boost rival browsers
June 28, 2004

Online miscreants have released a Trojan horse that can infect computers running Microsoft's Windows XP, installing programs to remotely control a victim's system.

The program--dubbed "Phel," an anagram of "Help"--infects visitors to a maliciously-created Web site through Internet Explorer's Help controls, Symantec warned in an advisory this week. A bug in the malicious program may prevent it from infecting some computers, the security company said.

The Trojan horse exploits a vulnerability, found in October, in how Internet Explorer and Windows XP Service Pack 2 handle help files called from Web pages.

The flaw is unrelated to the recent help-file flaws outed by a Chinese security company last week. In that instance, Microsoft took the Chinese security group to task for disclosing the vulnerability without giving the company a chance to develop a way to fix the problem.

"Microsoft is working to forensically analyze the malicious code in Phel and will work with law enforcement to identify and bring to justice those responsible for this malicious activity," a company spokesperson said.

A patch is not yet available from Microsoft for the October flaw, nor the most recent flaws, but the software giant said its programmers are working on the issue.

"Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the spokesperson said. "We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability."

Microsoft has had significant problems securing its Web browser in 2004. As a result, the freely available open-source browser Firefox has gained market share. Security experts have recommended that computer users consider other browsers and some schools have told their students to use a non-Microsoft browser.

The Symantec advisory can be found on the company's Web site.

See more CNET content tagged:
trojan horse, spokesperson, vulnerability, Microsoft Windows XP Service Pack, Microsoft Windows XP Service Pack 2

Add a Comment (Log in or register) 6 comments

Maybe...
by DeathMagnet December 29, 2004 9:26 PM PST: Microsoft should be spending more time looking at their own code to prevent these type of vulnerabilities instead of trying to 'look' like the good guy by chasing the culprit down.; Reply to this comment View reply
Processing

OH MY GOD!!!
by olePigeon December 30, 2004 7:16 PM PST: ... I'll continue using my Mac.; Reply to this comment View reply
Processing

Latest tech news headlines

Google to appeal German copyright decision
Posted in News - Digital Media by Greg Sandoval

October 13, 2008 2:49 PM PDT
Mozilla launches Developer Tools Lab for the open Web
Posted in Webware by Don Reisinger

October 13, 2008 2:32 PM PDT
New laws track child predators online
Posted in News - Politics and Law by Stephanie Condon

October 13, 2008 2:26 PM PDT
See all headlines

Resource center from CNET News sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
Dow soars with Apple, Microsoft among double-digit gainers
Investors cheered Monday as the beleaguered index gets back up above the 9,000 mark by surging 936 points in its largest single-day point gain ever.
Gallery
Photos: Top 10 reviews of the week
News - Apple
Apple notebook event: Live blog at 10 a.m. PDT Tuesday
We'll be at Apple headquarters for the announcement and live-blogging the event, where news of a redesigned MacBook and MacBook Pro are all but assured.
News - Microsoft
Microsoft: Mac buyers pay Apple tax
Ahead of what many expect to be the introduction of cheaper Macs, a top Windows exec says Apple users pay hidden costs.
Video
Sprint launches Xohm WiMax
News - Digital Media
Google to appeal German copyright decision
German courts rule in favor of content owners in two separate cases Monday, both having to do with display of copyrighted content in thumbnails attached to search results.
Video
Talking with Newt Gingrich on tech, bailout
News - Politics and Law
New laws track child predators online
Two laws the president signed Monday will increase the coordination between Internet companies and law enforcement to track sex offenders online.
News - Cutting Edge
'60 Minutes' video: Drone warfare in Iraq
UAVs like the Predator are a highly valued asset for the U.S. military as it pursues "fleeting and perishable" targets. Lesley Stahl reports.
Gallery
Photos: Cracking open Apple's revamped iPod Nano
Crave
'StarCraft 2' is now 3
Blizzard Entertainment splits StarCraft II into three separate games.
Green Tech
Green news harvest: 'Black silicon' solar cells
Plus: SiOnyx unveils enhanced silicon, Bloom Energy steps ahead with fuel cell, tough days for public clean-energy companies, and the nuclear fallout from falling stock market.