Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Windows PCs face ‘huge’ virus threat
Financial Times via Drudge ^ | January 2 2006 18:18 | By Kevin Allison in San Francisco

Posted on 01/02/2006 3:54:03 PM PST by Swordmaker

Computer security experts were grappling with the threat of a newweakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses.

The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers.

“The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.”

The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

“We haven’t seen anything that bad yet, but multiple individuals and groups are exploiting this vulnerability,” Mr Hyppönen said. He said that every Windows system shipped since 1990 contained the flaw.

Microsoft said in a security bulletin on its website that it was aware that the vulnerability was being actively exploited. But by early yesterday, it had not yet released an official patch to correct the flaw. “We are working closely with our antivirus partners and aiding law enforcement in its investigation,” the company said. In the meantime, Microsoft said it was urging customers to be careful opening e-mail or following web links from untrusted sources.

Meanwhile, some security experts were urging system administrators to take the unusual step of installing an unofficial patch created at the weekend by Ilfak Guilfanov, a Russian computer programmer.

Concerns remain that without an official patch, many corporate information technology systems could remain vulnerable as employees trickle back to work after the holiday weekend.

“We’ve received many e-mails from people saying that no one in a corporate environment will find using an unofficial patch acceptable,” wrote Tom Liston, a researcher at the Internet Storm Center, an antivirus research group. Both ISC and F-Secure have endorsed the unofficial fix.

Microsoft routinely identifies or receives reports of security weaknesses but most such vulnerabilities are limited to a particular version of the Windows operating system or other piece of Microsoft software. In recent weeks, the company has been touting its progress in combating security threats.

The company could not be reached on Monday for comment.


TOPICS: Extended News; Technical
KEYWORDS: backdoor; exploit; getamac; internetexploiter; lookoutexpress; lowqualitycrap; malware; microsoft; patch; security; securityflaw; spyware; trojam; trojan; userfriendly; virus; virusbait; viruses; vulnerability; windows; wmf; worm
Navigation: use the links below to view more comments.
first previous 1-20 ... 141-160161-180181-200201-205 last
To: steve-b; All

OK, so I ran the fix from hexblog and rebooted.

But when I ran their detection tool afterwards, I still got the bad news.

"Your system is vulnerable to WMF exploits".


201 posted on 01/04/2006 4:56:35 AM PST by Westbrook (Having more children does not divide your love, it multiplies it!)
[ Post Reply | Private Reply | To 199 | View Replies]

To: dinodino
"I hate to break it to you, Mericco, but OSX is a great operating system.

Depends on what you want to do with it. If "very little" describes your computing needs, you are good to go.

202 posted on 01/07/2006 7:58:56 PM PST by PetiteMericco
[ Post Reply | Private Reply | To 172 | View Replies]

To: zeugma
I refer you back to my post above #134. If you want to talk about Occams Razor, you might consider the fact that perhaps it is a lot harder to write a successful virus for Linux and/or OSX than it is for MS-Windows.

In return, I refer you to any thread relating to Mac computers on Fark.com for the last two weeks, including this one shooting down the silly theory of writing viruses for glory.

http://forums.fark.com/cgi/fark/comments.pl?IDLink=1846304

203 posted on 01/07/2006 8:01:11 PM PST by PetiteMericco
[ Post Reply | Private Reply | To 181 | View Replies]

To: steve-b
"Are you really so disconnected from reality that you don't realize that sociopathic criminals care about the "respect" they get from other sociopathic criminals, and don't give a damn about the opinions of normal people?

No, but you can be assured that this is not something with regard to my computer that keeps me up at night.

Of course, if what you say is true, your computer is at greater risk than mine simply based on the fact that it's a greater score. Nighty night!

204 posted on 01/07/2006 8:08:29 PM PST by PetiteMericco
[ Post Reply | Private Reply | To 183 | View Replies]

To: PetiteMericco

Well, gee, let's see: I run a PPC405 cross compiler toolchain on it, an X server, SSH and Subversion, use it for email, use Firefox to browse, and run iTunes and Photoshop. I would say you are talking out of ignorance. Perhaps Microsoft Solitaire is the most complicated app you run?


205 posted on 01/10/2006 2:18:20 PM PST by dinodino
[ Post Reply | Private Reply | To 202 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 141-160161-180181-200201-205 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson