Monday, November 29, 2004
IE hacked - again
One of the tech feeds i read regularly is The Register. I wont post the url just yet due to their comment below.
The Register wrote: "If you may have visited the Register between 6am and 12.30pm GMT on Saturday, Nov 20 using any Windows platform bar XP SP2 we strongly advise you to check your machine with up to date anti-virus software, to install SP2 if you are running Windows XP, and to strongly consider running an alternative browser, at least until Microsoft deals with the issue."
Sourced from the Computer Business Review Online.
Fortunately I read The REgister using RSS and my news aggregator so I have not been affected.
This hack was an exploit of a vulnerability in IE's implementation of Iframe, an HTML tag that allows one page to invisibly nest another page. The vulnerability came to light October 24, and Microsoft Corp has not yet issued a fix.
It was delivered to several websites including The Register by an advertising server company called Falk. Potentially thousands of PC's have been compromised and had a trojan downloaded.
Windows XP Service Pack 2 would have apparently stopped it.