Sponsor for PC Pals Forum

Author Topic: Symantec warns Windows XP users about new Trojan horse  (Read 1090 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75741
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Symantec warns Windows XP users about new Trojan horse
« on: December 31, 2004, 14:26 »
Symantec ? an IT security company - warned on Wednesday that computers running Microsoft Windows XP can be infected by a new Trojan horse, even though it is patched with Microsoft's latest Service Pack 2.
The program - dubbed ?Phel?- infects visitors to a malicious website through Internet Explorer's Help controls, warned Symantec.

The Trojan horse exploits vulnerability, found in October, in how Internet Explorer and Windows XP Service Pack 2 handle help-files called from web pages.

The flaw is unrelated to the recent help-file flaws discovered by a Chinese security company last week. But Microsoft took the Chinese security group to task for disclosing the vulnerability without giving the company a chance to develop away to fix the problem.

The first flaw targets code used to open images on web sites or in e-mails. The LoadImage API instruction can be corrupted simply by viewing an infected image, meaning no additional action, such as opening an executable file, is required by the user.

The second flaw is in the part of Windows that activates help files and can be exploited with files that appear to be help code but actually contain malicious instructions. That flaw has been shown to exist even after SP2 is applied to Windows XP, Symantec said.

The third flaw is in the Windows kernel and can cause a denial of service attack to be triggered when malicious files are encountered, which can also happen via a web site or e-mail.

However, Microsoft doesn?t have a patch available for the October gap, or the most recent flaws, but the software giant said its programmers are working on the issue.

Meanwhile, Microsoft has urged the industry and computer users worldwide to encourage and promote the responsible disclosure of security vulnerabilities. The company statement issued recently read: ?We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests, by helping to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities with no exposure to malicious attackers while the fix is being developed.?

Offline Simon

  • Administrator
  • *****
  • Posts: 78485
  • First to score 7/7 in Quiz of The Week's News 2017
Re:Symantec warns Windows XP users about new Trojan horse
« Reply #1 on: December 31, 2004, 21:24 »
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Show unread posts since last visit.
Sponsor for PC Pals Forum