 |
 |
|
 |
|
|||
|
|||
|
|||
|
|
IE flaw exploited for MSN Messenger wormText says 'URGENT -- go to (URL) now' or 'ATTeNT!oN -- go to (URL) now'
By Joris Evers (IDG) -- A new worm that uses Microsoft's instant messenger application, MSN Messenger, to propagate has been spotted by several antivirus software vendors. The worm arrives in an instant message that contains text telling the recipient to go to one of several Web sites. The text says either "URGENT -- go to (URL) now," or "ATTeNT!oN -- go to (URL) now." Clicking on the URL link in the message opens a Web page with malicious JavaScript code that sends instant messages advertising the Web page, or other Web pages with the code, to all the MSN Messenger users on the user's contacts list, Symantec and F-Secure say in advisories.
Dubbed "JS.Menger.Worm" by Symantec and "Coolnow" by F-Secure, the worm sends instant messages, but does no damage to a user's system, the antivirus software vendors said. F-Secure is trying to shut down the sites hosting the malicious code before it becomes very widespread, the company said. The JavaScript code takes control of MSN Messenger by exploiting a known flaw in Microsoft's Internet Explorer (IE) Web browser. An example of how to stage such an attack was published last weekend by two European experts. That example was used to craft the worm, according to the experts. "The worm is a modified version of our example code. We never intended for anybody to copy the code, although we kind of expected it would happen," said Thor Larholm, one of the two Europeans who demonstrated how specially crafted code on a Web page could take over MSN Messenger. "We published the example to put pressure on Microsoft to patch vulnerabilities that they are fully aware of." Microsoft on Monday released a bundle of patches for IE that fixes the flaw used by the MSN Messenger worm, Larholm and the antivirus software vendors said. Still, a PC with IE is all but secure, according to Larholm. "The patch doesn't fix all the problems in IE. It fixes a lot, Microsoft deserves kudos for that, but there are still publicly known vulnerabilities, some two months old, that allow an attacker to read any local file and execute arbitrary commands on a user's system," Larholm said. Both Symantec and F-Secure have updated their antivirus products so they can detect the worm. No one at Microsoft was immediately available to comment. |
|
|
||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||
|
RELATED STORIES:
• Microsoft investigating alleged flaw in browser
January 9, 2002 • Microsoft issues patch for hole in Web browser November 19, 2001 • New security hole found in Microsoft Internet Explorer November 23, 2000 • Microsoft releases patch to fix IE security hole July 6, 2000 RELATED IDG.net STORIES:
• Experts warn to expect more worms in 2002
(ITWorld.com) • Beware of vicious Valentine viruses (PCWorld.com) • Microsoft patches security holes, old and new (PCWorld.com) • ZaCker worm attacks security software (ITWorld.com) • Shoho worm adds, deletes files (ITWorld.com) • Microsoft offers new security partner program (ITWorld.com) • Reeezak worm offers holiday jeers (ITWorld.com) • MSN Messenger vulnerable through IE bug (InfoWorld.com) Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
• Report: SUVs pose danger to cars • New telemarketer tool trumps TeleZapper • Terra Lycos logs $2.2B loss • AOL to offer song downloads • Microsoft seeks fiscal fountain of youth (More) |
||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||
| Back to the top | |
© 2003 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Read our privacy guidelines. Contact us. |
