Net Manager Network Managing, Engineering and Administration with an eye toward security. Best practices meets the real world! |
Thursday, June 26, 2003 I never got a chance yesterday to post information about the "windows-update.com" trojan. Folks were getting emails from the "Windows Update Group" telling them about a new critical update they neede to apply and the link was to the above web site. Well, this was were it got interesting as the web site wasn't part of Microsoft, and it used an IE scripting error (recent) to automatically run a .exe on your machine. This executable then downloaded a trojan from a fixed site. Alex Shipp of Message Labs said they were seeing as many as 60 messages an hour go out. We got one confirmed copy of it here, but the user hadn't clicked on it. Shortly afterwords (around 10:30am Eastern/US) the web site link was taken down by the provider. posted by David | 6/26/2003 09:33:00 AM |
|
||||
| |||||
0 Comments:
Post a Comment
<< Home