BleepingComputer.com > Euro Web sites spread Bofra worm via banner ads

Full Version: Euro Web sites spread Bofra worm via banner ads

BleepingComputer.com > Security > Breaking Virus & Security News

Scarlett

Nov 24 2004, 12:17 PM

I thought that this may be of interest to our European Members. Or any one of us who may visit European Sites.

Web site visitors who clicked on banner ads on a number of popular European Web sites this weekend could have infected their computers with variants of the Bofra worm, experts warned on Monday.

The attacks take advantage of an unpatched buffer overflow flaw in the way Internet Explorer 6 (IE) handles the IFrame tag, and has been confirmed on PCs running Windows XP with Service Pack 1 and Windows 2000, according to a warning posted Sunday on the SANS Institute Web site. Windows XP Service Pack 2 (SP2) is not vulnerable, it said.

The vulnerability allows attackers to gain complete control of a user's computer.

Also on Sunday, U.K. technology news Web site The Register reported that its third party ad serving company Falk AG became infected with the Bofra/IFrame exploit, forcing the Web site to suspend its ads from Falk.

"If you may have visited the Register between 6 a.m. and 12.30 p.m. GMT on Saturday, Nov. 20 using any Windows platform bar XP SP2 we strongly advise you to check your machine with up to date anti-virus software, to install SP2 if you are running Windows XP, and to strongly consider running an alternative browser, at least until Microsoft deals with the issue," The Register said on its Web site.

Full Story Here

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.