
02/17/2004 Archived Entry: "New exploits"

Well, that didn't take long. Someone has already found a new vulnerability in the leaked Windows source code, and has written a proof-of-concept exploit (intended to show that the vulnerability is real, but not to spread or to do damage). Someone else has written a proof-of-concept exploit for the MS04-007 flaw reported last week.

On the social engineering front, a new email scam tries to convince you that you're under "police investigation" and you should visit a "federalpolice.com" website. Merely clicking on that link will take you to a web page that attempts to install a keylogging program, whose purpose is to capture your bank account number and password. This seems to be strictly a Windows vulnerability (all versions), but everyone should play it safe and not click on strange links.

You might recall the web browser bug that let "phishing" web sites put a phony URL in your browser's status bar. A new trick is to create a pop-up window with images of the status bar and address window replacing the real ones. To help detect this, in Mozilla/Netscape, go to Preferences > Advanced > Scripts & Plugins and disallow most of the "Allow scripts to:" options. (Many valid scripts need cookies, so you'll probably want to leave those options enabled.) I'm not sure Opera has this option, but the appearance of Opera is so different from other browsers that the phony address bar would be immediately obvious. I suspect this is targeted strictly at Internet Explorer users, who seem to have no defense against this attack other than common sense. Don't click on a link in an email claiming to be from PayPal, or a bank, or a credit card company.

brad
