October 02, IDG News Service Trojan uses MS hole to hijack Web browsers.
Computer hackers have found a way to exploit an unpatched hole in Microsoft's Internet Explorer (IE) Web browser, using a specially designed attack Website to install a Trojan horse program called Qhosts−1 on vulnerable Windows machines. The Trojan program changes the DNS (Domain Name System) configuration on the Windows machine so that requests for popular Web search engines bring the Web surfer to a Website maintained by the hackers instead, according to warnings from leading security companies. The attacks are just the latest in a string of online scams that rely on a flaw in IE known as the "ObjectData" vulnerability. Microsoft released a patch for the ObjectData vulnerability, MS03−032, in August. However, even machines that applied that patch are vulnerable to the latest attack because of holes in that security patch. Microsoft said Thursday, October 2, that it was investigating reports of exploits for a variation on a vulnerability originally patched in Microsoft Security Bulletin MS03−032 and would release a fix for that hole shortly. A company spokesman could not say when the patch update will be released. The company recommended that users install the latest Windows updates and change their IE Internet security zone settings to notify the user when suspicious programs are being run.
Source: http://www.infoworld.com/article/03/10/02/HNtrojanhack_1.html
Computer hackers have found a way to exploit an unpatched hole in Microsoft's Internet Explorer (IE) Web browser, using a specially designed attack Website to install a Trojan horse program called Qhosts−1 on vulnerable Windows machines. The Trojan program changes the DNS (Domain Name System) configuration on the Windows machine so that requests for popular Web search engines bring the Web surfer to a Website maintained by the hackers instead, according to warnings from leading security companies. The attacks are just the latest in a string of online scams that rely on a flaw in IE known as the "ObjectData" vulnerability. Microsoft released a patch for the ObjectData vulnerability, MS03−032, in August. However, even machines that applied that patch are vulnerable to the latest attack because of holes in that security patch. Microsoft said Thursday, October 2, that it was investigating reports of exploits for a variation on a vulnerability originally patched in Microsoft Security Bulletin MS03−032 and would release a fix for that hole shortly. A company spokesman could not say when the patch update will be released. The company recommended that users install the latest Windows updates and change their IE Internet security zone settings to notify the user when suspicious programs are being run.
Source: http://www.infoworld.com/article/03/10/02/HNtrojanhack_1.html