Itchmo Forums for Cats & Dogs

Other/Misc => Computer Stuff => Topic started by: menusux on March 13, 2011, 02:13:03 PM



Title: Microsoft IE MHTML Flaw
Post by: menusux on March 13, 2011, 02:13:03 PM
http://www.pcmag.com/article2/0,2817,2381881,00.asp

PC Magazine March 13, 2011

Report: Internet Explorer Used to Exploit Windows MHTML Vulnerability

"A vulnerability in the way Internet Explorer parses MHTML content—a method for combining multiple file types and HTML content into a single file—is now targeting users as part of a "drive-by" browser attack.

"According to Qualys' Wolfgang Kandek, the attack only works against those running Internet Explorer—and Microsoft has verified that statement by noting that the attack actually works due to a specific Windows vulnerability, making one's version of Internet Explorer irrelevant as part of a fix. However, a quick fix beyond the downloadable "Fix It" pack is to switch over to an alternate browser for the time being—Chrome or Firefox to name a few."

http://support.microsoft.com/kb/2501696#FixItForMe

Microsoft Fix-It

To fix the issue, click enable lockdown MHTML


Title: Re: Microsoft IE MHTML Flaw
Post by: JJ on March 14, 2011, 09:23:17 PM
Went to the link and sounds like if you visit certain sites your computer is vulnerable? Also that WinXP and newer are most at risk but that any version of IE is at risk - what...? If you don't visit these sites (only no one says what sites they are talking about) you won't be exposed to this flaw............needs to clearly be spelled out better for those who are not very computer savvy.


Title: Re: Microsoft IE MHTML Flaw
Post by: Mandycat on March 14, 2011, 09:42:10 PM
JJ,
I also checked this out and I am not going to do anything. It appeared to me that if you visit a certain site and click on some link you are asked to click on and/or you click on a link in an e-mail, this would be a problem.  I don't totally understand it either, but it just didn't seem like I would likely have the problem since I never click on anything strange or even open suspicious e-mails. If someone has a better explanation of this, please chime in.  Also, the original notice was in January, so maybe if I haven't had a problem yet, I won't.   :-\


Title: Re: Microsoft IE MHTML Flaw
Post by: menusux on March 15, 2011, 11:13:33 AM
Where you can have issues many times is not with the website itself but with the ads which are part of it.  Had two experiences recently.  The most recent one was going to a website and having some ad that was part of it forcibly "direct" me to an apparent scam/possible drive by website that pretended to be an anti-virus survey.  It tried to keep me from closing the browser window without involving Task Manager.  Needed Task Manager to shut it down.

The next one was a web page I had visited more than once without any issues.  When I needed to return to it to check something, my A/V went off; it had blocked the download of a Trojan.  The only thing that was different about the page were the ads on it-they had changed.


Title: Re: Microsoft IE MHTML Flaw
Post by: catbird on March 15, 2011, 04:00:53 PM
I have a lot of email accounts, and recently, my work computer running IE has closed IE automatically when I try to open a Yahoo email.  This has happened intermittently for the past couple of months.  I have no problems when at home and using a Mac and no viruses or malware are detected on the Mac.  But I'm not running IE at home.


Title: Re: Microsoft IE MHTML Flaw
Post by: JJ on March 15, 2011, 04:09:13 PM
Where you can have issues many times is not with the website itself but with the ads which are part of it.  Had two experiences recently.  The most recent one was going to a website and having some ad that was part of it forcibly "direct" me to an apparent scam/possible drive by website that pretended to be an anti-virus survey.  It tried to keep me from closing the browser window without involving Task Manager.  Needed Task Manager to shut it down.

The next one was a web page I had visited more than once without any issues.  When I needed to return to it to check something, my A/V went off; it had blocked the download of a Trojan.  The only thing that was different about the page were the ads on it-they had changed.
Would adblock work to protect the computer even further then?

ETA: Now the arrival of IE9 - will that be affected by the same HTML flaw as other versions.............


Title: Re: Microsoft IE MHTML Flaw
Post by: karvskitties on March 24, 2011, 07:24:17 AM
Would adblock work to protect the computer even further then?

ETA: Now the arrival of IE9 - will that be affected by the same HTML flaw as other versions.............

This was discussed in the Amazon Forums - Amazon Ads were also producing some very nasty trojans involving new false AV programs (and, they are getting better at not letting you shut them down - regardless of task manager).

No, Adblock does not work (the user with the Trojan had Firefox with Adblock).

You need firefox with AdblockPlus (an Add On), and Noscript (another Add on).

These were all recommended, and even my AV forum recommends them.

Right now, I am posting here with Google Analytics not allowed (hint, hint).

I just don't use IE.  Neither do a lot of folks.  Not with Chrome, Opera and Firefox (not typically targeted by trojans - but Firefox is building steam  >:( ).  And Safari is obviously safe (I think).