New IE bug ready to launch Conficker-scale attack

By siliconindia   |   Thursday, 09 July 2009, 21:33 IST
Bangalore: Microsoft has confirmed a critical bug that it has yet to patch, and a security researcher has warned that it is a major threat because it could be used to launch another Conficker-scale attack. It is tailor-made for hackers, and experts anticipate major attacks, Computer World reports.

"It's better in terms of vulnerability of Conficker; it exposes the whole world, and can be exploited through the firewall. That's better than Conficker, which mostly did its damage once it got inside a network," said Roger Thompson, Chief Research Officer, AVG Technologies.

Conficker surged in January, infecting millions of machines by exploiting an already-patched bug in Windows that Microsoft had thought dire enough to fix outside its usual update schedule. The worm hijacked a large number of PCs, estimated at around 12 million at one point, and then assembled them into a massive botnet able to spread malware, plant fake antivirus software or distribute huge amounts of spam.

"I have no doubt that the really bad guys are bustling to get this [new vulnerability] into their exploit toolkits. For the Conficker people, this could be the next thing. They waited until they had a really good exploit, and then combined that with some smart strategies. So I wouldn't be surprised if they picked up on this," said Thompson.

Thompson is worried about the vulnerability in the Microsoft Video Controller ActiveX Library, the "msvidctl.dll" file, an ActiveX control that can be accessed using Internet Explorer (IE). Though hackers have been using the bug since June 9, it only came to public attention this week, when several security companies in China and Denmark reported that thousands of compromised sites were serving up exploits.

Microsoft has acknowledged the vulnerability in a security advisory and announced that it will produce a patch. It has also provided an automated tool that disables the ActiveX control by setting nearly three dozen "kill bits" in the Windows registry.

"This is a good exploit with a big lump of infectable people," said Thompson. Because the bug has not been patched, it is an attractive choice for hackers. When Conficker first appeared, the flaw it exploited had already been patched by Microsoft. It turned out, however, that there were plenty of PCs that had not been updated with the fix.

Thompson hopes Microsoft will include a fix among the patches scheduled to be delivered next Tuesday. "I'm fairly confident that they're trying very hard," he said. He warned users to be careful in the event of an infection before the patch is released, which attackers will exploit heavily.