***Virus warning***
Thread Starter
un-Touch'd krew
Joined: May 2001
Posts: 51,774
Likes: 1
From: My own level of hell
***Virus warning***
More info:
http://news.com.com/Corporate+Web+se...l?tag=nefd.top
MS info page:
http://www.microsoft.com/security/in...load_ject.mspx
To determine if the malicious code is on your computer, search for the following files:
Kk32.dll
Surf.dat
Steps for Windows XP users:
On the taskbar at the bottom of your screen, click Start, and then click Search.
Under What do you want to search for? click All files and folders.
Under All or part of the file name:
type: Kk32.dll
and then click the Search button.
Under All or part of the file name:
type: Surf.dat
and then click the Search button.
If either of these files is present, your computer may be infected.
Web Virus May Be Stealing Financial Data
New Scheme Causes Web Sites to Spread the Bug
By ANICK JESDANUN, AP
NEW YORK (June 26) - A computer virus designed to steal valuable information like passwords spread Friday through a new technique that converted popular Web sites into virus transmitters.
Though the impact of the ''Scob'' outbreak was mild compared with recent infections like ''Sasser'' and ''Blaster,'' security experts worried about its method of delivery.
With Scob, virus writers have discovered yet another way - beyond e-mail and network techniques - of distributing their malicious code.
Now that the exploit is out, it won't be long before others adapt it for spamming and for launching broad attacks to cripple the Internet, said Alfred Huger, senior director of engineering at security company Symantec Corp.
The infection, first discovered by Microsoft Corp. on Thursday, appears to take advantage of three separate flaws with Microsoft products and can be difficult to detect.
Stephen Toulouse, a security program manager at Microsoft, said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch available yet.
He recommended that computer owners obtain the latest security updates for Microsoft products and their anti-virus and firewall programs. For the flaw that lacks a patch, he said, users should also turn up security settings on Microsoft's Internet Explorer browsers to the highest levels.
Users could also turn off the ''JavaScript'' feature on their Microsoft browsers, though doing so could cripple functions on some sites.
The virus does not affect Macintosh versions of Internet Explorer, nor does it spread through non-Microsoft browsers like Mozilla and Opera.
Users can search their computers for the files ''Kk32.dll'' or ''Surf.dat'' to see if they are infected. Removal tools are available from major anti-virus vendors.
Experts said the infection was unusually broad but wasn't substantially interfering with Internet traffic.
The U.S. Computer Emergency Readiness Team warned that any Web site, even those trusted by users, might be a vector for spreading the virus.
Security experts worked Friday to pin down how hackers managed to infect hundreds and possibly thousands of Web sites. It appears to target at least one recent version of Microsoft software for operating Web sites, called Internet Information Server.
Hackers made subtle changes to the Web site so visitors get a piece of code that's designed to retrieve, from a Russian Web site, software that records a person's keystrokes.
Such data, which can include credit card numbers, bank accounts and passwords, are collected for remote delivery to hackers, experts say.
The virus, however, does not attempt to spread itself, helping to limit its effect.
Web sites have been used before to spread a form of spyware called ''browser hijackers.'' One, known as Qhosts, disables access to major search engines and resets the Internet Explorer browser home page to a little-known site.
But those typically have involved ''users having been visiting shady sites,'' Chris Kraft, senior security analyst at Sophos Inc. Here, hackers plant the code on business, government and other everyday sites they do not normally control.
''This is kind of ingenious,'' Kraft said
http://news.com.com/Corporate+Web+se...l?tag=nefd.top
MS info page:
http://www.microsoft.com/security/in...load_ject.mspx
To determine if the malicious code is on your computer, search for the following files:
Kk32.dll
Surf.dat
Steps for Windows XP users:
On the taskbar at the bottom of your screen, click Start, and then click Search.
Under What do you want to search for? click All files and folders.
Under All or part of the file name:
type: Kk32.dll
and then click the Search button.
Under All or part of the file name:
type: Surf.dat
and then click the Search button.
If either of these files is present, your computer may be infected.
Web Virus May Be Stealing Financial Data
New Scheme Causes Web Sites to Spread the Bug
By ANICK JESDANUN, AP
NEW YORK (June 26) - A computer virus designed to steal valuable information like passwords spread Friday through a new technique that converted popular Web sites into virus transmitters.
Though the impact of the ''Scob'' outbreak was mild compared with recent infections like ''Sasser'' and ''Blaster,'' security experts worried about its method of delivery.
With Scob, virus writers have discovered yet another way - beyond e-mail and network techniques - of distributing their malicious code.
Now that the exploit is out, it won't be long before others adapt it for spamming and for launching broad attacks to cripple the Internet, said Alfred Huger, senior director of engineering at security company Symantec Corp.
The infection, first discovered by Microsoft Corp. on Thursday, appears to take advantage of three separate flaws with Microsoft products and can be difficult to detect.
Stephen Toulouse, a security program manager at Microsoft, said software updates to fix two of them had been released in April, but the third flaw was newly discovered and had no patch available yet.
He recommended that computer owners obtain the latest security updates for Microsoft products and their anti-virus and firewall programs. For the flaw that lacks a patch, he said, users should also turn up security settings on Microsoft's Internet Explorer browsers to the highest levels.
Users could also turn off the ''JavaScript'' feature on their Microsoft browsers, though doing so could cripple functions on some sites.
The virus does not affect Macintosh versions of Internet Explorer, nor does it spread through non-Microsoft browsers like Mozilla and Opera.
Users can search their computers for the files ''Kk32.dll'' or ''Surf.dat'' to see if they are infected. Removal tools are available from major anti-virus vendors.
Experts said the infection was unusually broad but wasn't substantially interfering with Internet traffic.
The U.S. Computer Emergency Readiness Team warned that any Web site, even those trusted by users, might be a vector for spreading the virus.
Security experts worked Friday to pin down how hackers managed to infect hundreds and possibly thousands of Web sites. It appears to target at least one recent version of Microsoft software for operating Web sites, called Internet Information Server.
Hackers made subtle changes to the Web site so visitors get a piece of code that's designed to retrieve, from a Russian Web site, software that records a person's keystrokes.
Such data, which can include credit card numbers, bank accounts and passwords, are collected for remote delivery to hackers, experts say.
The virus, however, does not attempt to spread itself, helping to limit its effect.
Web sites have been used before to spread a form of spyware called ''browser hijackers.'' One, known as Qhosts, disables access to major search engines and resets the Internet Explorer browser home page to a little-known site.
But those typically have involved ''users having been visiting shady sites,'' Chris Kraft, senior security analyst at Sophos Inc. Here, hackers plant the code on business, government and other everyday sites they do not normally control.
''This is kind of ingenious,'' Kraft said
__________________
"I'll keep my money, guns and freedom. You can keep the "Change."
"I'll keep my money, guns and freedom. You can keep the "Change."
Thread Starter
un-Touch'd krew
Joined: May 2001
Posts: 51,774
Likes: 1
From: My own level of hell
Originally Posted by 93DelSolSi
:shocked:
Nowhere in any of the articles I read did I see anything mentioned about SP2 since this has just come to light all the way across the board.
BTW I use Opera so no more jackware for me
__________________
"I'll keep my money, guns and freedom. You can keep the "Change."
"I'll keep my money, guns and freedom. You can keep the "Change."
Set a fire, go to jail!
Joined: Jan 2003
Posts: 300
Likes: 0
Originally Posted by Nightshade
"No files found."
♫ ♫ ♫ ♫ ♫
Joined: Mar 2004
Posts: 1,314
Likes: 0
From: Sussex, Wisconsin
Originally Posted by Nightshade
And you were saying something about SP2
Nowhere in any of the articles I read did I see anything mentioned about SP2 since this has just come to light all the way across the board.
BTW I use Opera so no more jackware for me
Nowhere in any of the articles I read did I see anything mentioned about SP2 since this has just come to light all the way across the board.
BTW I use Opera so no more jackware for me
you use Opera too!!!! i had that for about 1 month now, its great!!!!
Floppy Death! noES!!!
Joined: Oct 2002
Posts: 21,218
Likes: 0
From: Scranton, PA
This will help prevent most of those "MS Insecurities"
http://www.mozilla.org/products/fire...xSetup-0.9.exe
http://www.mozilla.org/products/fire...xSetup-0.9.exe
Administrator ☂
Joined: Jul 2002
Posts: 56,734
Likes: 3
From: NY
Originally Posted by Nightshade
Nowhere in any of the articles I read did I see anything mentioned about SP2 since this has just come to light all the way across the board.
That's weird... http://www.microsoft.com/security/in...load_ject.mspx
__________________
9Y0 Cayenne GTS
E46 ///M3
YD4 MDX - SOLD
EG Ferio - SOLD
FA Ferio - Returned
www.NelsonLee.net
9Y0 Cayenne GTS
E46 ///M3
YD4 MDX - SOLD
EG Ferio - SOLD
FA Ferio - Returned
www.NelsonLee.net
♫ ♫ ♫ ♫ ♫
Joined: Mar 2004
Posts: 1,314
Likes: 0
From: Sussex, Wisconsin
Originally Posted by MaxBoosT
"Important Customers who have deployed Windows XP Service Pack 2 RC2 are not at risk."
That's weird... http://www.microsoft.com/security/in...load_ject.mspx
That's weird... http://www.microsoft.com/security/in...load_ject.mspx
thank you.