Published: Thursday, December 08, 2005 Online-Casinos.com
INTERNET EXPLORER BUG ALERT
IE users beware of this spyware menace
Websense reports that a still-unpatched Internet Explorer vulnerability is being used by malicious attackers intent on infecting unsuspecting Internet users with spyware and adware.
"Large numbers" of malicious Web sites are being used to contaminate PCs using the Windows operating system by planting spyware and adware, the security company claims.
San Diego-based Websense said in an alert that technical investigators have detected thousands of sites connecting to a main malicious URL that is "...actively exploiting this vulnerability to execute malicious code."
All it takes is a visit to one of the sites with Internet Explorer running on Windows 98, Windows Me, Windows 2000, or Windows XP, to compromise a computer, the warning noted. A bogus warning that the machine is infected with spyware appears and a so-called "spyware cleaning" application launches. That application then prompts the user to enter a credit card number.
What's actually installed, however, is real spyware, which then connects to a URL in the .biz domain to download and run more than 10 other programs that install without the user's knowledge or consent.
According to Websense, the .biz domain Web site is real, but has been compromised by hackers. Hosted in the U.S., it is currently still online.
There is no patch for the bug, which was originally reported to Microsoft in May. In November, U.K.-based security vendor Computer Terrorism Ltd. found the bug to be more dangerous than first thought. Microsoft has said it is working on a fix, but has not committed to a release date for the patch. The next regularly scheduled patch day is Tuesday, Dec. 13.
Microsoft, however, has issued a security advisory which outlines several steps users can take to protect themselves, including disabling IE's Active Scripting option.