When Websites Attack . . . - Unpatched Microsoft Video Vulnerability
A new vulnerability that allows cyber criminals to infect web surfers has been in the news. While vulnerabilities are found all the time, this one is notable because there have been many reports of web sites being infected, especially in China. Infected web sites attempt to use the vulnerability to silently install malware on the computers of those who visit the site. This malware may both steal information from users and allow the attacker to remotely control the victim’s computer.
Current users of Symantec’s Norton security products are protected. Users who lack protection are invited to download a trial version of Norton AntiVirus 2009, Norton Internet Security 2009 or Norton 360.
Symantec has a detailed technical analysis of the threat here:
http://www.symantec.com/connect/blogs/another-unpatched-vulnerability-being-massively-exploited-internet-explorer
How does the attack work?
In these attacks, called “drive-by downloads” or sometimes “browse-and-get-owned” attacks, a user visits a malicious website or a compromised legitimate website. On the site, a file that is labeled as a picture file (.gif) contains the attack code. When the user’s browser attempts to display the picture, the attack occurs through a Microsoft technology called ActiveX.
Who is at risk?
Users of Microsoft Windows XP who use any version of Microsoft IE prior to version 8 are at risk.
What to do if you think you may be infected
Users are advised to install Norton Internet Security 2009. Unlike free virus scanners, Norton products will detect not just the files the attack is known to attempt to install, but any attempt to take advantage of the vulnerability.
Advice to Stay Safe:
- Run a good security suite (we are partial to Norton Internet Security and Norton 360).
- Keep your computer updated with the latest patches and updates.
- Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service.
- Use a browser such as Mozilla Firefox, Google’s Chrome or Apple’s Safari that does not support ActiveX controls.
- Turn off the specific control used by this exploit. Microsoft has provided a tool for doing so. It can be found here: http://support.microsoft.com/kb/972890
- Back up your computer.
- Check your bank and credit card accounts regularly to ensure that all transactions are legitimate.
FAQ
Q. I only use the internet to check my email and to read the news. Am I at risk?
A. Yes. Any web site may be compromised. Symantec receives thousands of reports daily of newly infected web sites. Even if you use the internet for only the most basic of services, you need security.
Q. I don’t use Windows XP. Can this attack affect me?
A. No. This specific attack will only impact those who use Windows XP and who use older versions of Microsoft IE (any version prior to version 8). However, there are thousands of other attacks that are targeted at other operating systems and other browsers.
Q. How do I know if I am infected?
A. The only reliable way to know if you are infected is to scan your computer with a good security product. Most virus writers attempt to hide their activities. Users may be infected for months without realizing that their computer has been compromised.









