internet browser warning

My bank in the UK sent a simlar message too. It seems if you have this virus, you will get an additional pop-up asking to confirm your pin number for security reasons, and them promptly sends it to yet another server in Russia..nice!

MS need to patch this, not just shut the recipiant server down. God knows how many have fallen for this so far, having had first hand experience, it looks VERY realistic on the banking sites, and even i had to stop and think about it.

At least people are starting to dump Ie at last

 

Naw it cant work with most major browsers. It is utilizing an ActiveX flaw. Opera/FirefoxNetscape etc dont support ActiveX, so it cant be exploited

 

I guess it could infect Firefox, they have an ActiveX plugin that lets you run windows update in FF itself.

Since catching this Trojan last week i have tested it as much as my boss would allow. I'll try it on FF with ActiveX plugin. I can confirm it is impossible to work on Opera.

All the IE skin Browers are vulnerable however, MYIE, Avant, Crazy Browser etc.

Hopefully MS will give up on the whole ActiveX thing, IE might actually be half secure if they had never invented it ;-) Or stuck with Sun's more security conscious implimentation

 

Way to go sis.....lots of interest on this post!

 

Seems to download the trojan, but FF renames it to a .DAT file before saving to memory or disk, meaning essentially the trojan is usless, of course your virus checker would pick that file up as the trojan if scanned.

Personally installing ActiveX on FF kinda defeats the point of using a modern secure browser imo.

I think this may be more due to luck, than some FF programmer realiseing this weakness and making the .DAT change

 

questions

Honestly - I read ALL the posts...and I know you all know (pretty much) what you're talking about BUT...

Nivana says "Opera/firefox"...isn't it Mozilla Firefox and isn't Opera a different browser altogether like Netscape is different?

And I'm confused about JAVA and JAVAscript. Isn't this something web sites use on the pages so you have to have one or the other enabled (can't remember which) in order to view certain sites correctly? I know I have this confused -- along with Active X. It sounds like you really don't want either one???? Therefore that's one reason so many of you prefer Mozilla Firefox?

 

Re: questions

Sorry was being confusing, i simply bundled Opera and FF with a "/" as they are the two best, and well known IE alternatives. YES they are very different, both use very different page rendering techniques, than IE, such as the GECKO engine.

ActiveX is something im not all that up on myself, but to give a very basic overview, it allows certain MS webpage functions, such as scanning your PC on windows update. For that it needs (and gets!) direct access to your Hard disk. Here is the problem, ActiveX lets webpages scan, look through and insert code into your Hard disk due to the many vulnerabilities it has. Because Opera and FF do not support ActiveX, it means websites cannot even browse your computer, let along insert malaicioud trojans.

Java and Javascript is mainly for pulling off nice effect on pages, such as transitions, auto pop-ups, mouse-overs, lighting up buttons when you hover over them etc etc. Opera and Firefox Have full java/Javascript support should you need it. And as far as im aware neither would ever give a web page access to your local drives.

So all you need to remember, is that ActiveX is the security risk, due to the fact that right now, any website may utilize it to place a virus/trojan directly onto your Hard disk. And because its going thru your browser and using an allowed port it wont be blocked by a firewall, the only way of being safe is not to use IE at all. Get Opera or Firefox. Or at least get a good virus scanner and scan daily until MS patch IE up.

Hope that made it less confusing?

 

Re: questions

http://news.com.com/IE+competitors+mull+ActiveX+alternative/2100-1032_3-5253504.html?tag=nefd.hed

That link explains much better than me how its activeX thats at fault, and that this exploit was known about a long time ago, just only recently exploited.

 

Re: questions

Nivana says "Opera/firefox"...isn't it Mozilla Firefox and isn't Opera a different browser altogether like Netscape is different?
Yes Opera, Mozilla Firefox & Netscape are 3 different browser's and from reading hear are protected from the latest flaw though Firefox will create a dat file if the Windows Update plugin is installed in it.

And I'm confused about JAVA and JAVAscript. -- along with Active X.
Javascript & Active X can all be exploited, thus they are a security risk even before this latest adventure came along.
I don't allow any of it unless I go to a trusted site to run an online virus scanner, and the MS update site requires it all to be on and let their Active X run. I don't go to or allow any other sites to install Active X, and uninstall the ones online virus checker sites install when I am done there.

As for JAVA scripts I don't allow them either and can't get into some sites or when I click on a link on a page it won't go there (which is what usually happens). In OE sometimes it does enter all or part of a link in a new browser window that you can edit out all except the http:// line or add it with the site location (ex: http://www.majorgeeks.com/ ) and add the folder for the page you are on or guess at a folder name (ex: http://www.majorgeeks.com/vb/ or http://www.majorgeeks.com/vb/images) and still see the link the java script would take you to.
If it enters the full http:// info edit out all the stuff at the beginning before the http, and at the end until you get the page to come up.
I play this game at a news site when I click on a link to go view pictures now. I left it to allow it to run Java scripts before & one night with the browser not being on that site I caught connections trying to go out to it. Clearing the IE cache & history & moving on to another site didn't fix the problem, it took doing this & deleting all my cookies (from trusted sites) to stop the out going connections. This happened about a 45 days ago, and really woke me up to the foul play Java scripts can get you into, whether it was a harmless thing (error on their web page) or hijacked web site causing it.

As I was told in the past the Net is an unsafe playground and I guess it will always remain a cat & mouse game thus always keep programs/OS set securely & updated often, run a firewall and keep the AV updated and running (all files is best).

 

Re: questions

Got this in & it explains what each does in easy to understand terms.
http://www.us-cert.gov/cas/tips/ST04-012.html

 

Re: questions

Thanks - you are all so helpful