Jun 27, 2008 : IE Feature Causing Malware

📅 June 27, 2008 - An online security researcher has found a drive-by malware download that exploits an Internet Explorer feature to launch cross-site scripting attacks, according to a report by ZDNet (blogs.zdnet.com/security/?p=1361).

Roel Schouwenberg, an analyst at Kaspersky Lab (kaspersky.com), detected the attack at a compromised legitimate site, is using a modified GIF file to exploit the cross-site scripting feature/vulnerability.

Schouwenberg said he notified Microsoft of the flaw when a similar attack occurred a while ago on a lower traffic site. He told Microsoft that the JavaScript embedded into GIF files can be executed under certain circumstances.

Microsoft, however, disagreed with his findings, and he said the vulnerability went unfixed.

The most recent attack took place on a high traffic website, where a GIF file with an embedded iFrame redirects IE users to a known malicious site.

Although the malicious site in question is currently offline, Schouwenberg says there is proof that the site is involved in ID-theft attacks. He says that the advanced malicious site is difficult to detect because the view source does not show any trace of malicious code.

Schouwenberg has once again contacted Microsoft about this most recent attack, asking the software firm to take another look at the problem.

Reads: 1845 | Category: General | Source: TheWHIR : Web Host Industry Reviews
URL source: http://www.thewhir.com/marketwatch/062708_IE_Feature_Causing_Malware.cfm
Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!

Other news

📅 Jun 26, 2008 - First 2CO Verified Seller At Bangladesh - Since XeonBD opened it's doors in 2005, we have been committed to bringing the power of the Internet to our customers across Bangladesh and around the globe, through innovative and easy-to-use products that are supported by unmatched customer service. It's our experience that gives us the skills to guide you through the process of getting on the Web by continually developing new, easy-to-use features and tools that take the difficulty out of creating, promoting and having a Web site.

And now 2Checkout.com, Inc. is an authorized retailer of XeonBD

From XeonBD - Safe Shopping Guarantee

2CO currently accepts the following credit cards:

📅 Jun 26, 2008 - ASPHostCentral.com launches SQL Server 2008 Beta Hosting Plan - Innovative windows hosting leader, ASPHostCentral.com, announces the launch of a Microsoft SQL Server 2008 hosting beta program available to all ASPHostCentral.com customers at no additional cost. Customers can enable their free SQL 2008 hosting beta account through their control panel.

Microsoft SQL Server 2008 is a major update to its enterprise database product and is currently in RC0 release. Although no launch date has been officially stated, the final release of SQL Server 2008 is said to be slated for Q3 2008.

For developers, some of the new SQL 2008 features include new data types, such as date/time data types and geospatial data types. In addition, La

📅 Jun 26, 2008 - ICANN Concludes Successful 32nd Meeting in Paris - PARIS, FRANCE: The Internet Corporation for Assigned Names and Numbers (ICANN) concluded its 32nd International Public Meeting in Paris today after four days of discussions that will shape the future of the Internet. The conclusion of the meeting saw the approval of a proposal to expand the world's Domain Name System and to work on adapting it to accommodate top level domain names in scripts such as Arabic, Cyrillic or other non-Latin scripts. "This was an extremely successful meeting that will be remembered as a milestone in the development of the Internet," said Peter Dengate Thrush, ICANN's Board Chairman. "New generic Top Level Doma

📅 Jun 30, 2008 - Mexico City, Mexico Selected to Host 34th International Public Meeting - Mexico City, Mexico will host the Internet Corporation for Assigned Names and Numbers' 34th International Public Meeting from 1-6 March 2009. At its 26 June 2008 meeting, the ICANN Board accepted the proposal to host the meeting put forward by the Mexican Internet Association (AMIPCI). "ICANN looks forward to its first meeting in Mexico," said Paul Levins, ICANN's Executive Officer and Vice President - Corporate Affairs. "Mexico has been a great supporter of ICANN since its inception." The dedicated website for the meeting as well as the meeting venue will be the announced in the near future. Additionally, ICANN

📅 Jul 1, 2008 - The Planet Upgrades Virtual Rack - Dedicated hosting provider The Planet (theplanet.com -> softlayer.com -> ibm.com) has added 1Gb-per-second speed and virtual private network services to its virtual private rack solution to help increase flexibility in multi-server environments. "We introduced virtual racks to provide a cost-effective, automated solution for large and small complex hosting environments," director of product management Urvish Vashi said in a press release. "By adding these upgrades, we're able to better meet the needs of one of our fastest-growing customer segments."Announced Tuesday, the upgrades will allow customers to transfer data faster between servers both within their virtual rack environment and to ot

📅 Jul 1, 2008 - Iomart to Host eBay Competitor - UK managed hosting and data center services provider iomart (iomart.com ) has won the contract to provide the IT backbone for Aroxo (aroxo.com), a new online marketplace aiming to rival eBay (ebay.com). Announced Tuesday, iomart will be powering Aroxo, a service the company describes as a unique, easy-to-use system to help people to get the best online deals with minimal searching. While still in beta testing stages, Aroxo has entered into a multi-year deal to use iomart's intelligent hosting service. Financial details of the deal have not been disclosed."Reliability of our service, and thus our servers, is paramount," co-founder Matt Rogers said in the press relea