All Things Microsoft > Microsoft as a Company

MS software allows massive web attacks

(1/2) > >>

Xeen:
A big internet attack this week has INFECTED many web sites.

 
quote:The attack is more dangerous than most, because infection is possible just by visiting affected Web sites
--- End quote ---


 
quote: The attackers, whose identities are unknown, targeted a flaw in Web sites powered by Microsoft's Internet Information Services Web server (IIS). The sites hit by the attack were programmed to redirect the Explorer browser to another Web site that contains code that hackers use to record what people type on their keyboards -- including data such as passwords, credit card and Social Security numbers. The code then e-mails that information back to the attackers. Computers that run Microsoft's Internet Explorer browsers are vulnerable to infection
--- End quote ---


Great job as always, Bill.      


Cyber security departments are also concerned that terrorists might attempt to do some kind of internet attack. If that happens, I wonder if we can invade Microsoft Corp for some regime change for "sponsoring" terror.

Article

[ June 25, 2004: Message edited by: xeen ]

Orethrius:
I find it particularly choice that after this:
 
quote:*snip*
 CERT recommends that Internet Explorer users consider different browsers such as Mozilla Firefox, Netscape Communicator or Opera. For people who continue to use Internet Explorer, CERT and Microsoft recommend setting the browser's security setting to "high."
*snip*
--- End quote ---


they would go on to detail the method for protecting MSIE against the problem.  MSIE *IS* the problem, and you have the foremost in government agencies telling you that in legalese!

Edit: Actually, upon more careful review, it's worse - you have the foremost in government agencies TELLING YOU to switch from MSIE.  What more do you need, a written invitation - signed, sealed, and delivered?

[ June 25, 2004: Message edited by: Midnight Candidate ]

solarismka:
Wow thats just priceless.  

So much for it being the endusers3rdpartyhardwaresoftware's fault.

  :D

WMD:
A single attack hitting two MS products.  Damn, this is a good one...

So an IIS site gets attacked...the site then reroutes IE users to a site that 0wns their computers.  :D

solarismka:

quote:Originally posted by WMD:
A single attack hitting two MS products.  Damn, this is a good one...

So an IIS site gets attacked...the site then reroutes IE users to a site that 0wns their computers.   :D  
--- End quote ---


Its a very clever idea, wish I thought of it  :D    

Navigation

[0] Message Index

[#] Next page

Go to full version