[chadfree] Phel Trojan ~ Ask IE For Help, Get a Trojan


Ask IE For Help, Get a Trojan

From Slashdot;
http://it.slashdot.org/it/04/12/31/1323218.shtml?tid=201&tid=172
Posted by michael on Friday December 31, @08:50AM
from the unplug-your-computer-for-protection dept.
lightdarkness writes "Symantec is reporting about a new virus called Phel
(Anagram of 'help') which is a Trojan which spreads via a HTML file. All the
user needs to do is go to the page, and it takes advantage of the
vulnerability in the IE Help control component files. This allows the
attacker to download malicious programs on to the machine. Worst part is,
this is one of the exploits that even effects SP2. Microsoft is said to be
working to stop the spread, and to release a patch." The exploit is
apparently not the same as the help file problems disclosed last week. 
US-based security firm Symantec has issued an advisory about the Phel
Trojan, discovered on Wednesday, which infects PCs running Windows XP.

http://securityresponse.symantec.com/avcenter/venc/data/trojan.phel.a.html

Trojan.Phel.A is a Trojan horse program, which is distributed as an .html
file, and attempts to exploit the Microsoft Internet Explorer HTML Help
Control Local Zone Security Restriction Bypass Vulnerability (BID 11467).

Trojan.Phel.A attempts to infect computers running Microsoft Windows XP
Service Pack 2 or later.
++ There is more on the web site.

From Computerworld;
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,9863

6,00.html
S N I P
Microsoft is working to forensically analyze the malicious code in Phel and
will work with law enforcement agencies to identify and bring to justice
those responsible for the malicious activity, he said. 

"Microsoft is taking this vulnerability very seriously, and an update to
correct the vulnerability is currently in development," the spokesperson
said in an e-mail message. "We will release the security update when the
development and testing process is complete, and the update is found to
effectively correct the vulnerability." 

Microsoft said customers in North America who think they may have been
affected can receive help with security update issues or viruses at no
charge by calling Product Support Services at 866-727-2338. International
customers can receive the same level of support online at
http://support.microsoft.com. 
++

Mike ~ one of the Moderators
It is a good day if I learned something new.
Editor MikesWhatsNews http://www.mwn.ca/ 
Tsunami Disaster Relief
http://www.cnn.com/2004/WORLD/asiapcf/12/27/quake.aidsites/


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Was this forwarded to you?  Want to subscribe?  Send an email 
to chadfree-request@xxxxxxxxxxxxx?Subject=subscribe.

For a complete list of email commands for our list send an email 
to ecartis@xxxxxxxxxxxxx with a subject line of "info chadfree" without the 
quotes.

If you wish to unsubscribe from our list send an email to;
 chadfree-request@xxxxxxxxxxxxx?Subject=unsubscribe

To contact the list moderators send an email to 
chadfree-moderators@xxxxxxxxxxxxx
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Other related posts: