Major Security Issue With Internet Explorer

Qhost appears to change some of the DNS settings on infected machines and adds a couple of entries to the registry, but doesn't seem to take any other immediate actions.

thank you for the fyi...

My system configuration options are all locked and you need a password to even begin to change them...

Also, I would suggest that people do not operate under the Administrator account on NT ( that is 3.5 - 3.51, 4.0, 2000 and XP they are all NT ). Create a PowerUser account and run under that, some group policies would be a good thing also. Do not stick with defaults on intra-network configurations or use simple passwords.

I also would not suggest anyone run out and change browsers, IE works just fine and is no more a security risk than any other Browser out there. It is up to the end user, tech or admin to setup computers as safe as they can to lock them down security wise.

Also Gateway/Routers with NAT technology are dirt cheap... They handle Dialup, Cable and DSL and do protect your system on the hardware level, a software Firewall is a must just as a proven Virus protection package is.


anyway....

If there is a person out there on this site which has been coming here for more than two weeks that does not have a active registry monitor blocking Spyware and Adware I would be surprised, and if longer I would be shocked.

In order to exploit the weakness, an attacker would need only to entice a user to open a malicious e-mail or visit a Web site, where a Trojan or other malicious code could be automatically installed on the user's PC.

This is silly, this person knows damn well that if a system is not protected enough to stop this from happening, this is the least of the persons worries...







[Message Edited]

I read the same thing into it IP...he might as well have said 'unplug from the net and you'll be safe'

Well not everyone is so tech savy, average users are the ones who will get exposed to that junk, no need for the nose thumbing. And if IE was so damn safe, how come there are patches released all the time for it? How friggin safe is that? IE needs to be layed to rest, or seriously revamped in my opinion,it is the only thing really hobbling Windows as far as safety goes, but that is just my opinion.

No.75 - we weren't thumbing our nose at anyone. We were just pointing out that it's that kind of statement that scares people.(and you don't have be savvy to be that). The productive method tells you what to, not what not to do.

exactly...

I meant it when I thanked you for the fyi, it is something for everyone to know about. really really.

But what they neglected to tell people was that in the world of online you do not hedge your bets by protecting after the fact but before it by attempting to keep protected from the unknown....

With the Internet or any public data communication backbone (phone lines) one should have protection from any hardware level attacks that do not involve actually coming in through an open application such as IE or what have you. Then on the application side you should protect your programs which do open the system up to public access networks. Norton Internet Security, Zone Alarm, and so forth.

Thats a couple of the pieces of the puzzle. But you have to add protecting the computer itself to the puzzle by protecting your registry from having anything, and I mean everything, from changing your registry without you saying it is ok.

That is something that we have and do go over at least twice a month on the msg board here which was why my comment on being suprised and or shocked in my first post. Not trying to be obnoxious and not trying to look down on anyone or pick at them for not being more informed in the least. Just commenting on the fact that it is a regular theme on the board on what to do to protect your system on the net...

I do apologize if it was taken that way in the least really really

Quite an interesting bit of info, but not at all surprising. IE is a great piece of work, but a little spotty in the security area. Which, of course, is NOT totally Microsoft's fault. They make the most popular browser, so they take the heat when hackers know that if they can find a hole in IE, they can get into 90% of the people browsing out there. I use Group Policies all the time to limit my computer from doing anything it shouldn't, and I use Spybot S&D religiously. Still, using Mozilla Firebird is an improvement...

You know, what is so terribly frustrating is that there are literally millions of people out there that have computers and use them for work, play, programs, whatever, and some jerk has to come along and spoil it. How many people out of those millions even know what to do when they get a hacker, virus, or the damn thing just doesn't work right. You get on the horn to someone, anyone, and hours later, if even then, maybe you get help. Nine out of ten times you get cut off, or you spend money calling someone to fix what some jerk did to your machine. Computers aren't cheap, the majority of them, and I make a living off of mine doing medical transcription. I got Road Runner so it would run faster. When I want to play on it, i.e, Object Desktop, or other programs, I don't want cut off, or worms or viruses or all the BS that goes with it. This is worse than telemarketers invading my privacy. That I can deal with. But for someone to mess with my machine, now that ticks me off. Tonight I had to totally reinstall WB because of some computer-glitch type deal. What the crap....I didn't do anything different than I always do and it totally blows out of my computer for no reason. Fortunately, I got it back up and working. But if you aren't a computer whiz, you could be really screwed. I don't know. I am just frustrated with the whole mess anymore. A friend of mine calls me tonight and is trying to get technical training for her profession that she has to have over the Internet. She tries to register and it gives her a 404 error. The girl just bought a 3000 Dell system. It isn't her computer, it is all the other crap. It is just frustrating. She probably doesn't have a worm or virus or hacker, it is probably some other BS program but like a zillion other people I hear the same thing, "I am ready to throw this f.....maching out the window". Okay I am babbling but I am just an ordinary person with an ordinary computer trying to have some ordinary fun at 50 bucks a month to Road Runner and it ain't fun anymore. It is frustrating.

"Microsoft recommended that users protect themselves against the newer exploits by changing Internet Explorer's security zone settings to prompt before running ActiveX controls"

This should be done until MS comes out with a patch....probably Friday. Your settings can be changed in 'Internet Options/Security/Custom Level........after changing the settings you will get prompts while you're surfing. If you trust the site then allow the activeX access. If you don't know the site or you're not sure then don't. The only thing that will happen with a dis-allow is the page won't load completely.

More stuff...

A new Trojan (named QHosts-1) has appeared and is rapidly spreading. QHosts-1, similar to other Trojans, is spreading by peer-to-peer (P2P) and other file sharing programs, as attachments in E-mail, and via IRC (Internet Relay Chat). Please exercise caution when using any of these programs, and do not open attachments received via E-mail from unknown sources. It is recommended that you keep your anti-virus software up to date to help avoid becoming infected with malicious software such as QHosts-1.

Both Norton and McAfee have updates on their sites for this virus....

Oh yeah another suggestion besides having Virus protected email box on your local system. If you ISP or Email provider has virus scanning options make use of them and a Server Side spam filter that allows you to view emails and header info in emails to make sure you know how it got to you and is not spoofed or redirected by some jerk... Or run a local Soam Filtering progam that does the same as the Server side that also allows you to kill and delete without it ever coming to your system.

Personally I own Mcafee Spamkiller which allows me to send notices back along the systems that the email passed through and also to the Admin of the email server it was sent from. It also allows sending a "unknown email account" type error which can cause your email address to be auto removed from computer generated lists after so many error returns are sent back to them.

mmm

lots more you can do, but...

ahhh almost 80 hours on 6 hours sleep here and my mind is feeling all gooey...

...maybe you might think about bed.....



[Message Edited]

The 'Patch' has been posted on the MS Update Page...

I just installed it. thanks you all.