
By Joris Evers
Posted on ZDNet News: Sep 19, 2006 10:58:00 PM

Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday.

The vulnerability lies in the way IE 6 handles certain graphics. Malicious software can be loaded, unbeknownst to the user, onto a vulnerable Windows PC when the user clicks on a malicious link on a Web site or in an e-mail message, several security companies said.

"Fully patched Internet Explorer browsers are vulnerable," Ken Dunham, director of the rapid response team at VeriSign's iDefense, said in an e-mailed statement. "This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based attacks in the near future."

Security-monitoring companies Secunia and the French Security Incident Response Team have given the issue their most serious ratings.

Shady adult Web sites are among the first to exploit the IE vulnerability, Eric Sites, vice president of research and development at spyware specialist Sunbelt Software, wrote on a corporate blog. In one case, a malicious Web site used the exploit to install "epic loads of adware," according to Sunbelt.

Microsoft plans to fix the flaw as part of its monthly patching cycle on Oct. 10, the software giant said in a security advisory. The update might be released sooner, "depending on customer needs," Microsoft said. Typically, Microsoft only breaks its patch cycle when attacks are widespread.

The number of attacks may rise quickly, according to Web security company Websense. It appears that WebAttacker, a tool often used to create attack sites, has been fitted with the new exploit, Websense said in an e-mailed statement. "We have confirmed multiple, previously known, WebAttacker sites that are currently exploiting this vulnerability to install malicious software," Websense said. "We expect to see many of the several thousand WebAttacker sites begin to utilize the exploit, as they update to the latest release of the tool kit."

"Microsoft is aware that this vulnerability is being actively exploited," the company said in its advisory. While it works on an update, Microsoft recommends that users keep their security software updated and use caution when browsing the Web. In its advisory, it also provides several workarounds to protect systems against the flaw.

The vulnerability lies in a Windows component called "vgx.dll." This component is meant to support Vector Markup Language documents in the operating system. VML is used for high-quality vector graphics on the Web.

This is the second known and unpatched flaw for IE to surface in as many weeks. Last week Microsoft confirmed a flaw in an ActiveX control related to multimedia. Attack code that exploits the flaw and could be used to hijack Windows PCs running IE 5 or IE 6 has been posted on the Net. Microsoft also has yet to provide a patch for a Word 2000 flaw being exploited in targeted cyberattacks.
