IE新漏洞无补丁,JS.Sykipot伺机发动溢出攻击
Updated: 01 Jun 2010
Internet Explorer被曝出新的远程代码执行漏洞(CVE-2010-0806)后,赛门铁克安全响应中心很快检测到利用该漏洞进行攻击的恶意脚本JS.Sykipot。当用户使用IE6或IE7浏览含有此恶意脚本的网页时,将可能受到该脚本的溢出攻击。Windows 2000/XP/Vista/NT及Windows Server 2003都可能受到影响。
如果JS.Sykipot的溢出攻击成功,一个名为Backdoor.Sykipot的后门程序就会被下载到受害用户计算机中并运行。运行时,它会首先添加注册表项以实现开机自启动,随后将反向链接到指定网站,并且监听端口以便执行收到的命令,如结束进程,下载或上传数据等。
赛门铁克已经发布相应的反病毒定义及IPS特征,以抵御JS.Sykipot利用新漏洞攻击用户计算机。同时,用户浏览网页前,可以使用“诺顿网页安全”(http://safeweb.norton.com/)分析将要访问网页的安全性。
微软目前尚未发布针对该漏洞的官方补丁。
blog entry Filed Under:
About Security Response Blog
Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
Filter by:
Recently on Twitter
threatintel
- Revamped Fake #Android Market for SMS Fraud http://t.co/mlrosRUH #malware10 Feb 2012
- Is Waledac spam dirtying the Russian 2012 elections? http://t.co/6gWaIyq610 Feb 2012
- Trojan.Activehijack found in the wild using a known #Office #vulnerability. http://t.co/7L8Xszwr09 Feb 2012
- Infostealer.Offsupload uploads 20000+ archives of stolen data to file sharing site http://t.co/5BBG51Go #Trojan08 Feb 2012
- #Android.Bmaster - Botmaster's profits exposed http://t.co/P8jOQP37 #malware08 Feb 2012
Blog Tags
Endpoint Protection (AntiVirus) Spam Malicious Code Online Fraud Vulnerabilities & Exploits Security Risks phishing Emerging Threats Message Filter Messaging Gateway Symantec Protection Suites (SPS) Hosted Mail Security Mail Security for Exchange/Domino Evolution of Security Mobile & Wireless Email Encryption IT Risk Management W32.Stuxnet facebook Endpoint Encryption Internet Security Threat Report 10.x 11.x 9.x and Earlier Microsoft Patch Tuesday