Thursday, December 29, 2005

Holy trojans, Batman!

Seems like there's a fun little Windows exploit out there that allows anyone on any website to embed a very easy-to-create file with a specific extension which has the capability to run arbitrary code on your machine.

Unlike some of the previous IE exploits, this one's particularly nasty -- any program that opens or views the file (including Firefox, though you'll usually get a download/view confirmation box first) can cause the code to execute. I read a blog article by a researcher who tried to wget the file from a DOS window -- only to have Google Desktop, which was running in the background, try to cache the file, executing its payload.

So until Microsoft patches this gaping, goatse-like hole, I'd suggest being very careful about which websites you go to, and you might even reconsider reading internet forums for a little bit. Fortunately, NOD32 catches code executed by this exploit, so it'd be a good idea to install it for the time being.


Post a Comment

<< Home