On TechRepublic: 12 tech terms that make you sound old
BNET Business Network:
BNET
TechRepublic
ZDNet
118 TalkBacks

By Joris Evers
Posted on ZDNet News: Mar 31, 2006 2:04:00 AM

Cybercrooks are spamming e-mail messages to trick people into visiting malicious Web sites that exploit a recent Internet Explorer flaw, experts warned Thursday.

The Web sites take advantage of the vulnerability in the omnipresent Microsoft Web browser to install a keystroke logger on vulnerable computers, according to San Diego-based Websense Security Labs.

"This keylogger monitors activity on various financial Web sites and uploads captured information back to the attacker," Websense said in an alert. The malicious software could capture log-in names and passwords for the sites, information criminals could sell or possibly use to plunder a victim's account.

The e-mail messages used to lure people to the Web sites contain excerpts from BBC news stories and offer a link to "read more," Websense said. This link leads to a forged BBC Web page where the malicious software is dropped onto a vulnerable PC by exploiting the "createTextRange()" vulnerability in IE, according to Websense's alert.

The vulnerability has to do with how Internet Explorer handles the createTextRange() tag in Web pages. Since the flaw was disclosed publicly last week, more than 200 Web sites have been found to exploit it. These sites typically install spyware, remote control software and Trojan horses on vulnerable PCs.

Microsoft has said it is working on a fix for the browser. That update is currently scheduled for delivery April 11, Microsoft's regular monthly patch day. However, the Redmond, Wash., company has said it's considering an earlier release.

Meanwhile, two security companies have beaten Microsoft to the punch. eEye Digital Security and Determina both released unofficial fixes for the IE flaw earlier this week. Experts, however, have warned users to be cautious with non-Microsoft fixes and instead suggest using a Web browser other than IE, or disabling Active Scripting, which is also Microsoft's advice.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 118 Talkback(s)
Why put up
http://www.analogstereo.com/subaru_legacy_owners_manual.htm... (Read the rest)
Posted by: uk_forum@... Posted on: 05/26/07 You are currently: a Guest | | Terms of Use
NOW would be a good time...  Tony Agudo | 03/30/06
Excellent post !  I'm Ye, the MS SHILL . | 03/30/06
NOW would be a good time to switch to Firefox.  DonnieBoy | 03/31/06
Until the next Firefox hole  Confused by religion | 03/31/06
But Milly,  zmud | 03/31/06
Look around!  friedcow | 03/31/06
Wow, you really had to hit the archives for that one!  handydan918 | 03/31/06
I remember that one  zmud | 03/31/06
You mean "First", not "Next".  OhMyGosh | 03/31/06
I think "Next" works in that context  brble | 03/31/06
Still, right NOW, you are 1,000x safer with Firefox. That is NOT likely to  DonnieBoy | 03/31/06
I agree-Firefox is safer  brble | 03/31/06
There have been virtually zero exploits of Firefox, any way you look at it  DonnieBoy | 03/31/06
Troll!  friedcow | 03/31/06
For the foreseeable future, you are safer with Firefox.  DonnieBoy | 03/31/06
RE: Troll!  richdave | 03/31/06
Like for example:  Grayson Peddie | 04/01/06
Why put up  uk_forum@... | 05/26/07
I already have a patch for IE...  Mr. Roboto | 03/31/06
Bravo !  I'm Ye, the MS SHILL . | 03/31/06
May consider an early release????  linux_for_me | 03/31/06
Turning an aircraft carrier........  shawkins | 03/31/06
I think the problem is  zmud | 03/31/06
Can we please focus on the positives!  Mike Cox | 03/31/06
huh?  phburks | 03/31/06
Ah, a Friday fish dinner is in store for us...  Confused by religion | 03/31/06
i'm new ...  phburks | 03/31/06
Somebody should make a cast of characters list  James T. Kirk | 03/31/06
Great Idea  LoCal | 03/31/06
it amazes me  corticus | 03/31/06
it amazes me  uM0p ap!sdn | 03/31/06
And a self-admitted 'New Guy'..  Spikey_Mike | 03/31/06
i'm new ...  uM0p ap!sdn | 03/31/06
time to learn  uk_forum@... | 05/26/07
Huh Huh?  ahy-nonimous | 03/31/06
k ...  phburks | 03/31/06
It certainly is ...  LoCal | 03/31/06
Mikey 9.9  DragonBRockin | 03/31/06
Microsoft Koolaid  BSmall | 03/31/06
I always focus on the positives  TWRX | 03/31/06
You're just baiting us - right?  Mawdo | 03/31/06
Mikey reels in another NooB  DragonBRockin | 03/31/06
I can only say ...  Mawdo | 03/31/06
Zealots  handydan918 | 03/31/06
That's great....two????  xuniL_z | 03/31/06
poke fun at MS  uk_forum@... | 05/26/07
Good One  dragonbite | 03/31/06
Well Mike... ya had a good score rolling until this line...  Linux User 147560 | 03/31/06
Thanks for the focus!  handydan918 | 03/31/06
Thank you Mr. Cox...  SysAn63 | 03/31/06
RE: Can we please focus on the positives!  richdave | 03/31/06
10.0  s_gamgee | 04/01/06
Uh... Mike  ArtMac | 04/03/06
IE vulnerability and weird Norton warnings  vaspersthegrate | 03/31/06
Format . . .  bjornafreeman@... | 03/31/06
Format and install Mepis  s_gamgee | 04/01/06
Maybe it's not the Browsers?  JJJakus | 03/31/06
Malewear  handydan918 | 03/31/06
DOOOH!!!  SysAn63 | 03/31/06
here's what you need!  u2in99 | 04/02/06
Ummm, it's not your browsers that are the problem  Linux User 147560 | 03/31/06
This points out what is really wrong.  xuniL_z | 03/31/06
WOW  webDevx | 04/03/06
First let me start with  Linux User 147560 | 04/03/06
First let me start with  Linux User 147560 | 04/03/06
finally installed IE XP  uk_forum@... | 05/26/07
Flaws are attacks from HACKERS AND MALICIOUS PEOPLE  erniem1970@... | 03/31/06
Have some kids  zmud | 03/31/06
Heh heh.... Only too true!  Boomslang | 03/31/06
You couldn't be more correct.....  shawkins | 03/31/06
need training?  rugdav | 03/31/06
Great Reply!  SysAn63 | 03/31/06
removing spyware  uk_forum@... | 05/26/07
10.0!!  s_gamgee | 04/01/06
so ...  phburks | 03/31/06
Dont feed the Trolls  DragonBRockin | 03/31/06
Just typo corrections.. Havent had coffee yet  DragonBRockin | 03/31/06
Bill knew what he was doing  corticus | 03/31/06
Ya got me...  DragonBRockin | 03/31/06
NEWS FLASH...  DragonBRockin | 03/31/06
Of course  lengua99 | 04/01/06
M$'s fault  uk_forum@... | 05/26/07
True? Yes. Realistic? No.  Gasman_z | 03/31/06
The REAL problem...  handydan918 | 03/31/06
Perfect World  Gregory.J.Bradley@... | 03/31/06
Oh, sure  Vinko_z | 04/01/06
Luck of the draw, erniemink  null | 04/01/06
Intersting perspective, but dead wrong.  Wm_Hayashi | 04/02/06
And this is the mentality that gives us all problems  mobrien_12@... | 04/02/06
OK I got it...  realitycheck101 | 04/02/06
No you don't got it...  Linux User 147560 | 04/03/06
Microsoft is a major national security risk  Snippy Clippit | 04/03/06
Oh that's easy!  Linux User 147560 | 04/03/06
9.0 Mike!  TCP?IP'ed | 03/31/06
Touching piece of irony...  friedcow | 03/31/06
e-mail announcement  uk_forum@... | 05/26/07
a complex world  hillman.d@... | 03/31/06
How to crash Safari  Qbt | 03/31/06
To be clear...  Qbt | 03/31/06
Ah Peter!  Linux User 147560 | 03/31/06
Well of course....  James T. Kirk | 03/31/06
Oh my!  Linux User 147560 | 03/31/06
When did Safari get mentioned? (NT)  s_gamgee | 04/01/06
textless  uk_forum@... | 05/26/07
I suppose I would be concerned about this  James T. Kirk | 03/31/06
Stories I keep getting e-mailed from you guys....  zdnet reader | 03/31/06
So where's Loverock and No_Ax?  Sxooter_z | 03/31/06
Loverock's waiting on April 11...  Tony Agudo | 03/31/06
Obvious and blatant fearmongering  Omch'Ar | 03/31/06
"Recent" IE Flaw ?  mgordo | 03/31/06
"Recent" sounds better than "yet another friggin exploit for IE, (cont.)  Monkey_MCSE | 03/31/06
IE-EXPLOIT-EMAIL  COONEY5825 | 03/31/06
Blaming The Browser  spectre6@... | 03/31/06
Yeah, it's the hackers fault MICROSUCKS writes bad code...  realitycheck101 | 03/31/06
Microsoft is very predictable  Dragonn | 03/31/06
...and who is really wrong  demiurgo | 04/03/06
Pre-Von Neumann  hsfrey | 04/03/06
special spot in memory  uk_forum@... | 05/26/07

What do you think?

advertisement
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

White Papers, Webcasts, and Downloads

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and