• Patched IE7 Flaw Attacked

    Patched IE7 Flaw Attacked

    Techtree News Staff, Feb 18, 2009 1309 hrs IST

    The attack begins with a malicious .doc file downloaded from email

    mail share


Security firm, Trend Micro, has pointed out a serious Internet Explorer 7 flaw even after Microsoft patched it last week. The attacks seem to be occurring on specific targets but have a potential to grow eventually.


According to the Trend Micro Blog entry, the attack begins with a malicious .doc file downloaded from email. When opened, the malicious code 'XML_DLOADR.A' executes an ActiveX object and downloads to install a remote backdoor .dll (dynamic link library) file.


This backdoor .dll is capable of stealing information and another malicious script sends screenshots of infected system to remote location through port 443. The infected system with this backdoor .dll file makes anybody capable of running commands on the system, and may be, turn it into a zombie or Botnet for further attacks.


Microsoft had released a critical security patch MS09-002 for the bug in IE7. This patch fixed the errors seen when deleted objects (files) were being looked for.


Our suggestion would be to update the security software with the latest virus database and download, and install latest security patches.

Follow Techtree on Twitter

Related Links
Microsoft Launching New Phone?
Microsoft Antipiracy Case: 11 Convicted
Microsoft Wireless Entertainment Desktop 7000
Tag keywords
IE7 Flaw Internet Explorer 7 Microsoft Patch



Discussion Board
(2) Comments
bow wow
,new york, on Feb 21, 2009 02:52 AM
ksjkjddjdjsdkjdxdsjsshsnssnhssjshsjchhhdngddjusmdksdssmks
Report abuse
douaa
,beyrout, on Feb 19, 2009 10:09 PM
hi kifik
Report abuse

Opinion Poll