07-01-2004, 03:34 AM
Quote:This has already been reported and posted, but the story keeps developing and we like to keep you updated:
Users are being told to avoid using Internet Explorer until Microsoft patches a serious security hole in it.
The loophole is being exploited to open a backdoor on a PC that could let criminals take control of a machine.
The threat of infection is so high because the code created to exploit the loophole has somehow been placed on many popular websites. Experts say the list of compromised sites involves banks, auction and price comparison firms and is growing fast.
Cert said: "Users should be aware that any website, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code."
In its round-up of the threat the Internet Storm Center bluntly stated that users should if possible "use a browser other then MS Internet Explorer until the current vulnerabilities in MSIE are patched."
It is unclear how the malicious code that exploits the weakness in Microsoft's Internet Explorer has been inserted on popular websites. What is known is that any Windows 2000 Server that does not have the MS04-011 security update installed and is running Internet Information Server could be at risk.
i suggest getting mozilla-firefox until this is patched
to scan for infection
Search for files called
Kk32.dll
Surf.dat
and keep anti-virus software up to date
http://news.bbc.co.uk/1/hi/technology/3840101.stm
http://www.microsoft.com/presspass/press...tement.asp