Microsoft riled by adware scam

Thursday, 10 June 2004 09:14 EST

An adware purveyor has apparently used two previously unknown security flaws in Microsoft's Internet Explorer browser to install a toolbar on victims' computers that triggers pop-up ads, researchers said this week. One flaw lets an attacker run a program on a victim's machine, while the other enables malicious code to "cross zones," or run with privileges higher than normal. Together, the two issues allow for the creation of a website that, when visited by victims, can upload and install programs to the victim's computer, according to two analyses of the security holes.

The possibility that a group or company has apparently used the vulnerabilities as a way to sneak unwanted advertising software, or adware, onto a user's computer could be grounds for criminal charges, said Stephen Toulouse, security program manager for Microsoft.

Read Full Story

News

Next-Gen Bank Trojans Are Upon Us
Jun 23, 2006, 09:54 EST

Yet Another Government Labtop Stolen
Jun 23, 2006, 09:52 EST

Wi-Fi hacked in 'digital drive-by'
Jun 23, 2006, 09:50 EST

Phishing with Skype
Jun 23, 2006, 06:35 EST

Most Technology Companies Have Data Losses
Jun 23, 2006, 04:51 EST

What cross-site scripting isn’t
Jun 23, 2006, 04:50 EST

Secure Your Data With A Fingerprint
Jun 22, 2006, 13:04 EST

Sponsors:
Is your network open to attack? Find out with the #1 sold network security scanner: GFI LANguard Network Security Scanner! Download your FREE trial version today.	Check your website security with a FREE website security audit by Acunetix. Audit your web applications for SQL injection, cross site scripting & more with Acunetix Web Vulnerability Scanner	Software security section is sponsored by GFI, a leading developer ofnetwork security, content security and messaging software - Free trial!


Copyright © IT-Observer.com 2000 - 2006	Privacy Policy \| RSS Feeds