Internet Explorer

Overheard - The role of ActiveX in browser exploits

Because so many ActiveX controls turn out to be malicious, Microsoft designed Internet Explorer 7 so that it displays a warning every time a site attempts to use an ActiveX control. The problem is that the casual user does not typically understand what an ActiveX control is, or what the consequences of allowing an ActiveX control to run might be. Brian Posey, ActiveX security improves with Internet Explorer 8’s security features

Experts are predicting that there’s no end in sight for ActiveX exploits.  It makes sense — because even criminals want to be cost-efficient.  If you’re trying to find vulnerabilities to exploit, you to make sure you can affect the highest number of people — and IE is still #1.

Overheard - Confliker / Downadup worm alert

Security vendors from across the spectrum have warned that a stingy worm has been successfully exploiting a hole in Microsoft Windows server service. Known as Confliker or Downadup, the worm spreads by exploiting a remote procedure call (RPC) vulnerability. Robert Westerfelt, Confliker, Downadup worm hype? Get the facts

There’s a new variant of the Conficker worm. It’s known as ‘Downadup.’ Microsoft issued a patch for the worm last October but it’s still spreading and mutating.

The worm, which some authorities say has been able to build the largest botnet on record,  works by exploiting a vulnerability in remote procedure calls that allows remote code to be executed once a vulnerable machine receives a specially crafted RPC request.  In plain English, this means that if an end user views a specially crafted Web page using Internet Explorer, his computer will request malicious code to be executed. Like many of its malicious predecessors, this worm denies infected machines Internet access to security vendor websites.

Microsoft added routines to clean up Conficker infections to the January edition of its Malicious Software Removal Tool.  Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. The National Cyber Alert System recommends that to prevent further infections by infected USB devices, users should disable the Windows auto-play feature.

Overheard: You’re getting IE7 whether you want it or not

Microsoft has warned corporate administrators that it will push a new version of Internet Explorer 7 their way February 12th, and it has posted guidelines on how to ward off the automatic update if admins want to keep the older IE6 browser on their companies’ machines. Gregg Keizer, Microsoft warns businesses of impending autoupdate to IE7