“Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection,” Robert Lemos reports for CNET News.
“The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user’s computer,” Lemos reports.
“The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site. ‘It is not epidemic, but it is being seen,’ said Alfred Huger, senior director of engineering for security company Symantec. ‘Do we think it is serious? Yeah. It’s a concern and it’s insidious.’ …the flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies inhabiting the backwaters of the Web, but major companies, including some banks, said Brent Houlahan, chief technology officer of NetSec,” Lemos reports.
“Meanwhile, the average Internet surfer is left with few options. Windows users could download an alternate browser, such as Mozilla or Opera, and Mac users are not in danger,” Lemos reports.
Full article here.
MacDailyNews Take: The fun continues for our long-suffering Windows brethren. Mac users, happy surfing!
Related MacDailyNews article:
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004
Insert sarcasm here …. But Secunia is reporting that its more of a problem for Mac’s than PC’s… who am I supposed to belive???
um a dah,
I dont know what to say…
My IT department has assured me that the Microsoft operating system is safe and that is why we use it.
�
sputnik – you were off to a great start today. you are sputtering. relax, it will come to you. feel the force my son.
I can assure you that our web site is safe – BG told me so. PLEASE PLEASE PLEASE subscribe to our service.
aw look at me i am a thick idiot and dont know anything aw look at that i am a sheep as well all my friends got windowz and they say its safe and i must buy it because my frends got it, please some one help me to get brains.
thank you
ps I AM AN IDIOT
Sputnik, I am sure that your IT department knows what they are talking about. After all, they are trained professionals. Continue surfing in safety. Take comfort in the safety and security of the Microsoft operating system, Internet Explorer, and all of the other fine Microsoft products. Your IT people are probably well trained and certified in every aspect of — Microsoft and their products. Their jobs are important to them and they will only give you their best advice.
I admit that I will personally stay with the beauty and security of the Mac, but I’m sure we are all happy that you passed on your IT department’s reassurances to us.
Stay well.
The best section out of the article was this:
“Meanwhile, the average Internet surfer is left with few options. Windows users could download an alternate browser, such as Mozilla or Opera, and Mac users are not in danger.
NetSec’s Houlahan advocated drastic action.
“I told my wife, unless it is absolutely necessary and unless you are going to a site like our banking site, stay off the Internet right now,” he said.”
Yeah, spend a few bucks less on a computer that you shouldn’t be using on the internet.
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Is windows.update.com one of the sites? Of course it is, but the crapware is put there on purpose and people continue to choose to download it.
Hey Joe Mc, are you out there, or are you afraid to get on the ‘net today because of this? I am asking you because you always complain about the initial cost of Macs and I often advocate them because of “total cost of ownership”. So how much of a price do you put on the cost of constant concerns like this?
Happy Friday!
Now remind me again what you were saying just yesterday Secunia???
To all those people who accuse me of being a Mac zealot, when really I just want to get my work done as quickly as possible without worrying about all this sort of crap:-
Happy Surfing
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
An odd thing happened to me last night while surfing the net with Safari. I went to the the Palm [Pilot] website. After getting past the home page, Safari suddenly quit. Not thinking much of it, I relaunched Safari and went back to the same website. Once again after trying to go past the home page, Safari quit again.
I checked the crash log of Safari and found dozens of lines stating Javascript errors. Last night, it was a complete mystery, but after reading the story in “InfoWorld” (link below) they stated that JavaScript code was being attached to an image or graphics file. now I am wondering if the folks at Palm are one of the unwitting victims of this latest set of web attacks.
Here is the link (hope it comes up okay in this post. If the link doesn’t work, go to [url=http://www.MacMinute.com]http://www.MacMinute.com[/url] and follow the link in their story)
http://www.infoworld.com/article/04/06/24/HNnewattack_1.html?source=rss&url=http://www.infoworld.com/article/04/06/24/HNnewattack_1.html
It appears that Safari may have also been affected to the point of crashing when encountering images containing this possibly corrupted JavaScript. Because the system is locked (let’s hear it for Free BSD) I don’t suspect that this got any further. I will be talking to the folks at Apple about this after work and hope to send them a copy of my crash log.
not yet fixed? i thought everyone was mad at apple for taking too long on fixing holes.
<<not yet fixed? i thought everyone was mad at apple for taking too long on fixing holes.>>
Exactly. I certainly don’t hear CNET or Techworld screaming about this major vulnerability despite the fact that it impacts a much larger number of issues than any of Safari’s relatively minor issues did…
I can see Billy Gates saying to Monkey Boy “I’m broke all my money is gone.”
Sucked up by some Russian mafia type.
Must be fun using Explorer & Windows for banking.
W_EXPLORER_users: dump your browser, trash it — immediately (assuming you downloaded a couple of replacement browsers first). This could save you a world of grief! Change your bank accounts, your email, your credit card numbers too — they have been compromised. Your data is sitting on some database somewhere along with that of your family and friends, ready for one mass-multiple fraud transaction by organized crime before they retire to the good life with your retirement assets. DO IT QUICK! And consider changing your name and address too. You may not be who you think you are anymore.
Less is More:
You can’t trash Explorer, Windows won’t let you. Typical crap that gives you no control over your system (Too embedded). My brother an IT professional tried & trashed a PC. By the way his tech department tested a G5 & confirmed to him that its the best “bang for your buck” (his words) computer on the market today.
Sara, go back to bed … it’s early Saturday
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Actually, I heard that with longhorn, you won’t be able to download anything Microchit doesn’t approve of. You might even be stuck with longhorn explorer with no ports open except to the Microchit web.
… for security purposes.
Less is More: yes its too early need to sleep, too tired.
This is starting to get serious. Microsoft may soon recommend that people stop using their computers in order to avoid being infected by this virus.
Three words says it all:
BUY A MAC!
[url=http://www.apple.com]http://www.apple.com[/url]
“Bush is unpopular in Turkey, where the overwhelming majority of the public opposed the Iraq war.
As the president arrived in Turkey Saturday, supporters of Jordanian-born militant Abu Musab al-Zarqawi said they kidnapped three Turkish workers in Iraq, Arab TV station al-Jazeera reported.
The group has threatened to behead the hostages, an al-Jazeera employee told The Associated Press.
The protest in the Kadikoy district, on the Asian side of Istanbul, attracted more than 40,000 people, mostly members of leftist groups, police said.”
you can see with your own eyes here
http://www.cnn.com/2004/WORLD/europe/06/27/turkey.protest.ap/index.html
They try to make unfair subtle associations between 40000 anti-bush protesters in turkey and the hediondous al-Zarqawi group. Do i have to say more about how news are given in the USA freedom of press way… very oportune the introduction of both phrases between a new that has nothing to do with al-Zarqawi. Sweet!!!
And now the description is wrong. http://freehomehobby.250free.com/