# Wednesday, June 30, 2004
New security threat
not again

Update: Patch for part of the problem:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4D056748-C538-46F6-B7C8-2FBFD0D237E3&displaylang=en

On line news sources have picked up ISC's warning of a new threat to IE users which could allow hackers to steal on line banking passwords.  The code exploits a combination of a hole in unpatched IIS web servers to install malicious pop ups and a hole in IE to install a program via that pop up. The installed program watches for connections to a specific set of banking sites and logs the username and password (yet another reason everyone should get a pop up blocker, I'm so glad XP SP2 comes with pop up blocking as part of its greatly enhanced security).

Unfortunately the articles don't do anything to help users understand what they should do to protect themselves from this attack or even if there is anything they can do. The reason for this lack of info is there is little users can do to defend against this exploit, even for advanced users. This is very scary to users of any level.

So… what should users do?  Here are my suggestions (yeah, these are my suggestions, my employer hasn't approved them etc.)

Users of Windows XP can protect themselves by upgrading to Windows XP service pack 2, RC2 (RC2 means “release candidate 2”, i.e. it’s not the final version). Early adopters may rejoice and the braver among you may jump on board. I’ve been running SP2 for a while now and my personal opinion is: RC2 is great, but just in case you should back up your stuff and choose the install option which allows you to remove it if you have second thoughts later on. Unfortunately SP2 RC2 is a “preview” and isn’t supported by us yet. :(

Users should also review the ISC list of targeted bank URLs (scroll down through the report to find the list). If users have visited any of those sites recently they should seriously consider changing their banking password. By the law of averages users who get frequent pop up advertisements are the most at risk (regardless of the type of site you visit).

For users of earlier versions of Windows or people who aren’t willing to install the unsupported RC2 release there isn’t a fix yet, but there will be a fix in a couple weeks (no date has been announced yet). To help protect users until the patch has been fully tested Microsoft is working with law enforcement to shut down all the sites known to be hosting the exploit.

On a related note, if you don't update your system regularly, you really should.  I've set Windows to automatically update my machines every night at 3am if needed.  Some worry automatic updates will cause problems but here’s my anecdotal data: I’ve been running automated updates on my very non-standard PC (a dual processor, 500 MHz Celeron with additional hardware that hasn’t been approved for Windows 2000 much less XP) for as long as it’s been available – I have never had a problem caused by the automatic updates.  Besides, the problems created by not updating far outweigh the possible problems you might encounter with the automatic updates.  Also, the automatic updates don't include hardware drivers in the vast majority of cases (and it's the hardware driver updates that cause many upgrade problems people encounter).

Some more details from ZDNet: http://zdnet.com.com/2100-1105_2-5251981.html?tag=nl

 

Microsoft | Security

Posted by Reeves  Wednesday, June 30, 2004 3:04:45 PM (Pacific Standard Time, UTC-08:00)
#    Disclaimer  |  Comments [1]  |  Tracked by:
"free poker" (free poker) [Trackback]
"online poker" (online poker) [Trackback]
"party poker" (party poker) [Trackback]
"cash advance" (cash advance) [Trackback]
"viagra" (viagra) [Trackback]
"free slots" (free slots) [Trackback]
"online casinos" (online casinos) [Trackback]
"roulette" (roulette) [Trackback]
"slot machines" (slot machines) [Trackback]
"play texas holdem online free" (play texas holdem online free) [Trackback]
"how to win online party poker" (how to win online party poker) [Trackback]
"free poker" (free poker) [Trackback]
"online gambling" (online gambling) [Trackback]
"online poker" (online poker) [Trackback]
"online casino" (online casino) [Trackback]
"poker online for free" (poker online for free) [Trackback]
"free online poker game texas Holdem casino" (free online poker game texas Holde... [Trackback]
"pacific poker texas holdem" (pacific poker texas holdem) [Trackback]
"Free Texas Holdem Poker Game Download" (Free Texas Holdem Poker Game Download) [Trackback]
"online poker" (online poker) [Trackback]
"play free texas holdem online" (play free texas holdem online) [Trackback]
"texas hold em" (texas hold em) [Trackback]
"texas holdem" (texas holdem) [Trackback]
"Free Poker Games to Play Online" (Free Poker Games to Play Online) [Trackback]
"Real People online poker games" (Real People online poker games) [Trackback]
"hand ranking poker" (hand ranking poker) [Trackback]
"stormpayonline poker" (stormpayonline poker) [Trackback]
"video poker training program" (video poker training program) [Trackback]
"weight loss drugs harm me" (weight loss drugs harm me) [Trackback]
"Atlantic City Texas Holdem Poker Tourn" (Atlantic City Texas Holdem Poker Tourn... [Trackback]
"free strip online poker video" (free strip online poker video) [Trackback]
"bonus code deposit party poker" (bonus code deposit party poker) [Trackback]
"free poker" (free poker) [Trackback]
"free poker games to play online" (free poker games to play online) [Trackback]
"party poker" (party poker) [Trackback]
"phentermine" (phentermine) [Trackback]
"loans" (loans) [Trackback]
"blackjack" (blackjack) [Trackback]
"slot machines" (slot machines) [Trackback]
"pacific poker bonus code" (pacific poker bonus code) [Trackback]
"carribean stud poker for free" (carribean stud poker for free) [Trackback]
"cheating star poker" (cheating star poker) [Trackback]
"poker texas holdem free" (poker texas holdem free) [Trackback]
"Free Poker Stars Chips" (Free Poker Stars Chips) [Trackback]
"roulette" (roulette) [Trackback]