Sunday, June 27, 2004
Good news on the problem from two days ago
Antivirus vendors are detecting it now, the number of contagious web sites seems to have been small, and most important the Russian server that distributed the actual poisonous payload is down (nobody knows why).
The security community is still piecing together what happened. There's been a lot of confusion. I'll do some Q&A for you.
Q: I heard that eBay and PayPal were infected. Am I in trouble if I visited them?
A: Probably not (but run an updated antivirus scan anyway, of course). They seem to have escaped. The rumor probably got started because the ultimate goal of the software included stealing eBay and PayPal passwords. There were also rumors about Yahoo! and Earthlink, which couldn't have been infected because they don't run Windows servers.
Q: What web sites were affected?
A: Kelley Blue Book, BuyMicro, MinervaHealth according to reports I've seen. There must have been others but the names haven't been made public.
Q: Did the Computer Emergency Response Team (CERT) really recommend switching away from Internet Explorer in response to this problem?
A: Yes, even before bad people starting taking over web servers to take advantage of the weakness in Internet Explorer.
Q: Could this happen again?
A: Yes.
Q: Is is safe to use Internet Explorer now?
A: No. Unless you're on a Mac or running Windows XP Service Pack 2.
Q: Am I safe if I stop using Internet Explorer?
A: Safe from this particular problem but you should also look at alternatives to Outlook and Outlook Express. They use parts of Internet Explorer to display mail and might be hit by future problems.
|
The security community is still piecing together what happened. There's been a lot of confusion. I'll do some Q&A for you.
Q: I heard that eBay and PayPal were infected. Am I in trouble if I visited them?
A: Probably not (but run an updated antivirus scan anyway, of course). They seem to have escaped. The rumor probably got started because the ultimate goal of the software included stealing eBay and PayPal passwords. There were also rumors about Yahoo! and Earthlink, which couldn't have been infected because they don't run Windows servers.
Q: What web sites were affected?
A: Kelley Blue Book, BuyMicro, MinervaHealth according to reports I've seen. There must have been others but the names haven't been made public.
Q: Did the Computer Emergency Response Team (CERT) really recommend switching away from Internet Explorer in response to this problem?
A: Yes, even before bad people starting taking over web servers to take advantage of the weakness in Internet Explorer.
Q: Could this happen again?
A: Yes.
Q: Is is safe to use Internet Explorer now?
A: No. Unless you're on a Mac or running Windows XP Service Pack 2.
Q: Am I safe if I stop using Internet Explorer?
A: Safe from this particular problem but you should also look at alternatives to Outlook and Outlook Express. They use parts of Internet Explorer to display mail and might be hit by future problems.
# posted by Frederick @ 3:19 PM Email to a friend:
Haloscan: they provide trackback