|
There are isolated problems with current patches, but they are well-known and documented on this site. |
-
Data Held Hostage Using MS04-023 Hole in IE
WebSense Security Labs reports that a particularly enterprising cretin has discovered a way to exploit an old, patched hole in Internet Explorer. Seems that IE can be tricked into running any program, thinking that it’s working with a formatted Help file. Don’t worry. If you’ve installed Windows XP Service Pack 2 (you have, haven’t you?) the hole is already plugged.
The exploit involves an aberrant Compiled Help Module (CHM) file, and the way IE can run CHM files without your knowledge or permission. You go to a Web site and WHAM you get hit, no clicking required.
In this case, the cretin came up with a program that reaches out to another Web site, downloads a Trojan (one that’s very similar to Trojan.Pgpcoder), and runs the Trojan. The Trojan then merrily scans your hard drive(s) and your network drives, looks for any of fifteen different file types (including .doc, .xls, .jpg, .zip and .txt), encrypts the files, deletes the originals and – here’s the kicker – leaves a note behind in each folder that contained a scrambled file, demanding $200 for the key to unlock the file.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
My 3 monitors go black & then the Taskbar is moved to center monitor
by 2 hours, 30 minutes ago
-
Apple backports fixes
by 2 hours, 39 minutes ago
-
Win 11 24H2 will not install
by 2 hours, 44 minutes ago
-
Advice to convert MBR to GPT and install Windows 11 Pro on unsupported PC
by 2 hours, 15 minutes ago
-
Photos from iPhone to Win 10 duplicating/reformatting to .mov
by 4 hours, 22 minutes ago
-
Thunderbird in trouble. Here comes Thundermail
by 2 hours, 31 minutes ago
-
Get back ” Open With” in context menus
by 15 hours, 24 minutes ago
-
Many AMD Ryzen 9800X3D on ASRock have died
by 19 hours, 11 minutes ago
-
simple general stupid question
by 13 hours, 11 minutes ago
-
April 2025 Office non-Security updates
by 1 day, 6 hours ago
-
Microsoft wants to hear from you
by 6 hours, 18 minutes ago
-
Windows 11 Insider Preview Build 22635.5160 (23H2) released to BETA
by 1 day, 9 hours ago
-
Europe Seeks Alternatives to U.S. Cloud Providers
by 1 day, 15 hours ago
-
Test post
by 1 day, 17 hours ago
-
Used Systems to delete Temp files Gone WRONG what does this mean?
by 1 day, 19 hours ago
-
SSD shuts down on its own
by 1 day, 10 hours ago
-
OneDrive File Sharing Changes
by 2 days, 3 hours ago
-
OneDrive File Sharing Changes
by 2 days, 5 hours ago
-
Win 10 Pro 22H2 to Win 11 Pro 23H2 Conversion Guide
by 1 day, 5 hours ago
-
Today is world backup day
by 1 day, 20 hours ago
-
Windows .exe on Mint
by 1 hour, 57 minutes ago
-
Reviewing your licensing options
by 2 hours, 51 minutes ago
-
Apple has been analyzing your photos since September 2024
by 1 day, 2 hours ago
-
What Windows 11 24H2 offers beyond bugs
by 22 hours ago
-
Making sense of Settings in Windows 11
by 23 hours, 19 minutes ago
-
Windows 11 pro fails to log in after upgrading Win 10 pro to Win 11 pro 24h2
by 2 days, 3 hours ago
-
23H2 / 24H2 / Local v. Microsoft Account.
by 2 days ago
-
YouTube Ad Blocker Blocker
by 2 days, 1 hour ago
-
Obscure historical facts about Windows
by 2 days, 2 hours ago
-
Microsoft Backup
by 1 day, 18 hours ago
Remembering Woody
