|
| Clunky-B exploits the Microsoft vulnerability,
allowing hackers to gain access to the infected PC. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have warned
internet users to take care when surfing the web, following
sightings of malware which has been planted on websites exploiting
an unpatched Microsoft security vulnerability.
The security vulnerability, which is not yet patched by
Microsoft, allows hackers to run malicious software (such as a
Trojan, virus or worm) on a user's machines when they visit a
website containing the exploit code.
The vulnerability affects Microsoft Internet Explorer on the
following operating system platforms: Microsoft Windows 98, Windows
98 Second Edition, Windows Millennium Edition, Windows 2000 Service
Pack 4, Windows XP Service Pack 1, and Windows XP Service Pack
2.
Sophos experts have seen malware posted on websites using the
vulnerability, including the Troj/Clunky-B Trojan
horse (protected against since November 30 2005).
"Microsoft will be fuming that the security of their software is
being brought into question before they have had a chance to issue
a security patch," said Graham Cluley, senior
technology consultant for Sophos. "Microsoft's next bundle of
security patches are not due until 13 December, and it will be
interesting to see if they decide to break the cycle and release a
patch earlier in response to the increasing number of exploits of
this problem."
"Everyone who uses the net needs to be very careful about what
websites they visit, which email links they click on, and to ensure
their defenses are always up-to-date," continued Cluley. "It
wouldn't be a surprise if more malware was distributed that took
advantage of this vulnerability in Microsoft's code."
Until a fix is available from Microsoft, concerned computer
users should consider changing the configuration of Internet
Explorer to turn off, or prompt before, allowing Active Scripting
to run.
Sophos recommends that every IT manager responsible for security
should consider subscribing to vulnerability mailing lists such as
that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.
Sophos continues to recommend companies protect their desktops
and servers with automatically updated
anti-virus protection and appropriate firewall defenses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.